Programming

17668 readers

145 users here now

Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!

Cross posting is strongly encouraged in the instance. If you feel your post or another person's post makes sense in another community cross post into it.

Hope you enjoy the instance!

Rules

Follow the programming.dev instance rules
Keep content related to programming in some way
If you're posting long videos try to add in some form of tldr for those who don't want to watch videos

Wormhole

Follow the wormhole through a path of communities [email protected]

founded 2 years ago

MODERATORS

[email protected]

257

White House: Future Software Should Be Memory Safe (www.whitehouse.gov)

submitted 10 months ago by [email protected] to c/[email protected]

128 comments fedilink hide all child comments

On the one side I really like c and c++ because they’re fun and have great performance; they don’t feel like your fighting the language and let me feel sort of creative in the way I do things(compared with something like Rust or Swift).

On the other hand, when weighing one’s feelings against the common good, I guess it’s not really a contest. Plus I suspect a lot of my annoyance with languages like rust stems from not being as familiar with the paradigm. What do you all think?

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 48 points 10 months ago (4 children)

I'm just glad to see the White House listening to people who understand technology for a change.

[–] [email protected] 21 points 10 months ago (1 children)

We need legislators who aren't all literally older than cryptography. If they weren't bought and paid for by billionaires that would be nice too.

[–] [email protected] 10 points 10 months ago (1 children)

That requires a population willing to vote for such legislators.

[–] [email protected] 7 points 10 months ago (2 children)

It requires score voting so that, even if heavily gerrymandered, one can still meaningfully express a preference without throwing one's ballot in the garbage.

[–] [email protected] 4 points 10 months ago

It's never throwing your ballot in the garbage though. I used to think the same way, but every vote on the left, even if for the lesser evil, even if they lose, moves the conversation to the left. When we all stay home you get maga nutjobs stealing the show running unchecked.

Last thing is that gerrymandered states are the EASIEST to upset by increasing voter turnout. To gerrymander effectively you have to put your opponent in dense areas they'll win by a large margin, then spread your side so that you barely win the rest of the districts. That means that a 5% increase in votes on the left can take you from a loss to a nearly complete victory in a gerrymandered state.

Vote splitting on the other hand is a trickier beast, but in the end if all the left votes go to a moderate then that gives the left a lot of leverage because if the moderate candidate doesn't bend to the left then they'll lose the next election.

Always vote.

[–] fruitycoder 2 points 9 months ago (1 children)

Election reforms require getting out to vote now even if its harder.

[–] [email protected] 2 points 9 months ago (1 children)

You are correct. I hope nobody thought I am against voting. Everyone needs to vote.

[–] fruitycoder 2 points 9 months ago

Mostly just saying it outload, I know I fall into the trap myself and just need reminding "perfect is the enemy of good" sometimes.

[–] fruitycoder 7 points 10 months ago

This admin honestly has been consistently doing so IMHO. Having read a memo that felt like a crock of shit yet, except for maybe the unfunded nature of some of the demands.

[–] [email protected] 5 points 9 months ago

I feel this is a bit of a moot point from the White House. Memory-safe languages have been around for decades. I feel like the amount of C/C++ out there isn't so much that people think having dangerous stuff around is good, but more that nobody really wants to pay to change it.

[+] [email protected] 1 points 10 months ago (1 children)

[deleted]

[–] [email protected] 6 points 9 months ago (2 children)

You don't have to ban C or C++; you just have to prove your programs are memory safe. It's been decades since I've coded in C, but surely Valgrind and ilk are now capable of providing reasonable proof of memory safety. You might have to turn up all the dials and set all-warnings-are-errors, but I'd be surprised if C tooling wasn't available to provide sufficient proof for a given statically-linked program.

[–] [email protected] 1 points 9 months ago* (last edited 9 months ago) (1 children)

I’d be surprised if C tooling wasn’t available to provide sufficient proof for a given statically-linked program.

Be prepared to be surprised then. If such tooling was available, why isn't it being used by the projects for whom it matters? Yes, there is tooling available, but all the big parties using them are admitting it's not good enough for them. Those tools help, but they do fail in the "sufficient proof" department.

For some follow-up reading:

They all share the same basic facts: C and C++ are inherently memory unsafe. If any of them could've "just prove[n] your programs are memory safe", I think they would have.

[–] [email protected] 1 points 9 months ago

If such tooling was available, why isn't it being used by the projects for whom it matters

Oh, my dear, sweet, summer child. Welcome to capitalism, and the rule of "good enough." Static code analysis tools cost money, and take time to run. I've yet to work at a company that didn't have a documented process for entirely bypassing QA in urgent situations; although, when I contracted with the USFS, they were much more reluctant to cut corners - that was under a Democrat president; when Republicans took charge, they cut a lot of things, including software quality controls.

But - as I said - I haven't touched C in decades, so I can't refute your claim that such tools don't exist.