More

e-dant · 2025-12-14T14:26:22 1765722382

I have more of a problem with poor governance than strong automation. The economy should provide us all food and shelter, beyond that, do what you love.

e-dant · 2025-11-27T17:14:50 1764263690

You never had a voice to lose

e-dant · 2025-11-01T15:03:38 1762009418

A masterclass in debugging

e-dant · 2025-10-26T03:06:55 1761448015

It disappoints me to see hardware compensate for the failures of software. We should have done better.

thw_9a83c · 2025-10-26T09:03:05 1761469385

> It disappoints me to see hardware compensate for the failures of software. We should have done better.

I disagree. From a user's point of view, hardware-assisted memory safety is always beneficial. As a user of any software, you cannot verify that you are running a program that is free of memory access errors. This is true even when the software is written in Rust or an automatic memory-managed language.

I hope that one day I will be able to enable memory integrity enforcement for all processes running on my computers and servers, even those that were not designed for it. I would rather see a crash than expose my machine to possible security vulnerabilities due to memory access bugs.

MangoToupe · 2025-10-26T11:52:56 1761479576

I'm skeptical that you even can fully prevent exploitation of human error in software design. This just narrows one class of error.

amazingman · 2025-10-26T07:03:12 1761462192

How could we have done better without first knowing better?

pjmlp · 2025-10-26T08:08:18 1761466098

We have know better for decades, that is why Multics has a higher security score than UNIX, C flaws versus PL/I are noted on DoD report.

MangoToupe · 2025-10-26T11:53:29 1761479609

It also helps that nobody uses multics, so nobody has bothered to exploit it

pjmlp · 2025-10-26T12:27:09 1761481629

I can give other more recent examples, to prove the blindness of C community to security issues.

From which decade since C came to be, do you wish the example?

MangoToupe · 2025-10-26T13:20:38 1761484838

I'm certainly not defending C. I'm just saying multics is a horrible example.

pjmlp · 2025-10-26T13:26:34 1761485194

It is one out of many since 1958, starting with JOVIAL, how the industry has been aware of the security flaws that C allows for, which WG14 has very little interest in fixing, including turning down Dennis Ritchie proposal for fat pointers in 1990.

Note that C authors were aware of many flaws, hence why in 1979 they designed lint, which C programmers were supposed to use as part of their workflow, and as mentioned above proposed fat pointers.

Also note that C authors eventually moved on, first creating Alef (granted failed experiment), then on Inferno, Limbo, finalising with Go.

Also Rust ideas are based on Cyclone, AT&T Research work on how to replace C.

It was needed the tipping point of amount money spent fixing CVEs, ransomware, for companies and government to start thinking this is no longer tolerable.

MangoToupe · 2025-10-27T18:17:59 1761589079

Rust isn't going to fix security vulnerabilities, either, though.

My point is focusing on the language is inherently missing the point, which is simply incorrect code.

mk89 · 2025-10-30T22:38:18 1761863898

You have a whole class of dumb and dangerous bugs completely wiped off, which not even a new/junior untrusted developer can introduce. That's not nothing.

Of course, not checking if a user has permissions to perform an operation is not something Rust or any language will protect you against, but come on it's almost 2026 and we still are talking about use after free...

Panzerschrek · 2025-10-26T06:01:20 1761458480

I agree. The underlying hardware should be as simple as needed and thus be cheap and consume little power. Fixing bad software practices (like using an unsafe language) via hardware hacks is a terrible mistake.

thw_9a83c · 2025-10-26T12:38:53 1761482333

> Fixing bad software practices (like using an unsafe language) via hardware hacks is a terrible mistake.

It's like saying airbags, seat belts (and other safety features) in cars are a terrible mistake because they just fix bad driving practices.

amazingman · 2025-10-26T07:08:21 1761462501

On the contrary, fixing pervasive and increasingly costly ecosystem issues in hardware is exactly the kind of innovation we need.

e-dant · 2025-10-26T03:01:36 1761447696

ARM and lots of non-x86 architectures often use a series of bootloaders to kick up ram, wake up parts of the hardware, blah blah, and read devicetree blobs to know what the hardware looks like

e-dant · 2025-09-22T03:18:07 1758511087

I don’t understand the fs url hyperlink to a child nutrition website.

bb88 · 2025-09-22T03:54:40 1758513280

docs.pyfilesystem.org looks like it has been taken over.

It seems to redirect to here:

https://www.nourishinteractive.com/nutrition-education-print...

Which appears to be a gaming site.

e-dant · 2025-09-16T22:09:08 1758060548

If there are as many typos in some code as are in the article, there would be a whole lot of segfaults, too

e-dant · 2025-08-24T02:22:19 1756002139

The comments here about you needing money or time to exercise are wrong, and missing the point:

It’s hard, and that’s why you do it. It’s also fun.

Get the fuck out there and run, climb, swim.

e-dant · 2025-08-12T18:24:30 1755023070

I like github

e-dant · 2025-07-20T03:19:02 1752981542

The author does point out that these problems come up when implementing various data structures.

It might be surprising to some folks, but there is a lot of unsafe code in Rust, and a lot of that is in the standard’s data structure implementations.

Also —

Common in network programming, the pain of lifetimes, is in async.

The model sort of keels over and becomes obtuse when every task requires ownership of its data with static lifetimes.