Hacker News new | past | comments | ask | show | jobs | submit login

Another way to stop it is to start writing software like this i safe-by-default languages like Rust and others instead of C++ with its numerous footguns.

See https://chromium.googlesource.com/chromium/src/+/master/docs... for details.

Interesting quote: "(Some of us on Security Team aspire to get more of Chromium in safer languages, but that's a long-term, heavy lift.)"




They tried that. It was called Servo, and it was Rust's raison d'etre. It failed.


Did it though? Numerous Servo components found their way into Firefox proper. Rust still has a lot of momentum behind it as a language.

It's a big job, and it's going to take a while, but better, safer programming is possible.


Well, they tried to write a new browser engine in Rust but gave up and got laid off. A few pieces got integrated into Firefox but the browser is still wildly insecure (cf. the article).

Turns out "Rewrite it in Rust" is actually really hard when you have millions of lines of code. Even Google probably can't rewrite Chrome from scratch.

Maybe if we just try harder, communism will work. You gotta draw the line somewhere.


They proved the Rust lang and replaced some features on Firefox. Replacing entire engine is hard but current work is still great.


Or admit that it's an ongoing process and incremental results are still worth celebrating.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: