Hacker News new | past | comments | ask | show | jobs | submit login

As much as I'd like to agree with you, the real reason this is happening is because humans wrote the code and humans make mistakes. And even if you rewrite all of the software in Rust, it'll still have exploitable bugs.

Does it matter if it's a buffer overflow or a rusty pan, if the end result is someone reading your device's memory?




In a language with proper bounds checking, regardless of which one, the result of this attempt would have been a core dump.

Sure there are other ways to then take advantage from killing a critical process, but it would be one attack vector less.


You're assuming that no additional attack vector is being introduced due to features unique to Rust. In my opinion, unknown issues are worse than known issues.


Since the first Fortran compiler one of the basic tenets of computer programming has been that the computer itself should help the human programmer express his/her ideas and help the human avoid basic accounting mistakes.

C doesn't do the latter. Blaming the human programmer for stupid accounting mistakes is misplaced. The human's mistake was in choosing a bad language.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: