A shitpost about languages that generate CVEs

  • onlinepersonaOP
    link
    fedilink
    English
    arrow-up
    11
    arrow-down
    4
    ·
    edit-2
    6 months ago

    Right, those devs with 20+ years C experience don’t know shit about the language and are just lazy. They don’t want to catch up with the times and write safe C. It’s me, the dude with 5 years of university experience who will set it straight. Look at my hello world program, not a single line of vulnerable code.

    Anti Commercial-AI license

    • lad
      link
      fedilink
      English
      arrow-up
      5
      ·
      6 months ago

      This is not completely wrong, though

      • onlinepersonaOP
        link
        fedilink
        English
        arrow-up
        4
        arrow-down
        4
        ·
        edit-2
        6 months ago

        Yeah, for sure. Human error is involved in C and inertia too. New coding practices and libraries aren’t used, tests aren’t written, code quality sucks (variable names in C are notoriously cryptic), there’s little documentation, many things are rewritten (seems like everybody has rewritten memory allocation at least once), one’s casual void * is another’s absolute nono, and so on.

        C just makes it really easy to make mistakes.

        Anti Commercial-AI license

    • Corbin
      link
      fedilink
      English
      arrow-up
      2
      ·
      6 months ago

      It has nothing to do with knowing the language and everything to do with what’s outside of the language. C hasn’t resembled CPUs for decades and can’t be reasonably retrofitted for safety.