Python cryptography, Rust, and Gentoo [LWN.net]

Python cryptography, Rust, and Gentoo

Posted Feb 17, 2021 13:25 UTC (Wed) by kmweber (guest, #114635)
In reply to: Python cryptography, Rust, and Gentoo by BirAdam
Parent article: Python cryptography, Rust, and Gentoo

And, I mean, it's not like it's particularly difficult to write memory-safe code in C. I don't know where this myth that C is an "inherently insecure platform" comes from. It's not. It's exactly as easy to write safe code in C, as it is to write unsafe. It's programmers who choose not to, not the language forcing it on them.

to post comments

Python cryptography, Rust, and Gentoo

Posted Feb 17, 2021 14:28 UTC (Wed) by mathstuf (subscriber, #69389) [Link] (1 responses)

Sure, writing secure C is *possible*, but I think that, as a whole, we programmers have proven to be pretty shitty at it. If the Linux kernel code review process with all the C veterans can't get it right (just look at the stable kernel patch queue!), what makes you think it's viable for the general coding population to use it? Sure, one can use clang-tidy, sanitizers, valgrind, etc. on it, but I see that as a failing of the language being propped up by expensive tooling rather than a benefit of the language itself.

Python cryptography, Rust, and Gentoo

Posted Feb 17, 2021 15:37 UTC (Wed) by Wol (subscriber, #4433) [Link]

Yup. Different languages, different strengths, different weaknesses. C *encourages* you to play with pointers, which means even experienced programmers use them when they're not necessary. And if you play with knives when you don't need to, you WILL, on average, get cut. Sometimes badly.

I'm sure Rust has its faults. My favourite language, DataBasic, has quite a few. But one of the biggest flaws in a language is using it in an environment for which it is not suited. C *was* brilliant as a low-level system language. Hardware has evolved. C is no longer low-level. People still use it as a low-level language and get badly sliced by the impedence mismatch between what C thinks the hardware is, and what the hardware really is. And it's the easy access to pointers that encourages this dangerous behaviour.

Cheers,
Wol

Python cryptography, Rust, and Gentoo

Posted Feb 17, 2021 15:41 UTC (Wed) by pizza (subscriber, #46) [Link]

It's disingenuous to claim that "programmers choose to not write memory-safe" code. Bugs are (almost) never intentional.

But you're far more likely to get cut when playing with knives than with spoons.

Meanwhile, in the world I where I spend most of my F/OSS (and often, professional) time, the majority of the code I write is what other language consider inherently "unsafe". It's probably fair to say that C is the least-worst option.