Chrome: 70% of all security related bugs are memory issues

Paulo Pinto pjmlp at progtools.org
Tue May 26 06:55:20 UTC 2020


On Monday, 25 May 2020 at 17:38:13 UTC, H. S. Teoh wrote:
> On Mon, May 25, 2020 at 05:48:59AM +0000, Paulo Pinto via 
> Digitalmars-d wrote:
>> On Sunday, 24 May 2020 at 14:38:54 UTC, H. S. Teoh wrote:
> [...]
>> > > On Saturday, 23 May 2020 at 17:34:21 UTC, aberba wrote:
>> > > > Yeah, 
>> > > > https://www.zdnet.com/article/chrome-70-of-all-security-bugs-are-memory-safety-issues/
> [...]
>> > Notable from the article is that both Microsoft and Google 
>> > are seriously looking into alternative programming 
>> > languages.  I think we're looking at the beginning of the 
>> > end of the long reign of C/C++ in the programming landscape. 
>> > Maybe in about 20-30 years' time C/C++ will become relics in 
>> > the dustbin of history...
> [...]
>> It will still take ages, Google and Microsoft are also 
>> heavyweights on ISO C++, and collaborating on C++ lifetime 
>> analysis and C++ Core Guidelines.
>> 
>> Hence Project Verona and Checked C from Microsoft as well.
>
> Well OK, maybe 20-30 years is a bit optimistic.  But I think 
> this is the start of a general trend to gradually move away 
> from C/C++ towards safer and less painful languages to work 
> with. The other big user of C++ I know of is the game industry, 
> and AFAICT the sentiment there is also that C++ is merely a 
> necessary evil, but they'd jump ship in a heartbeat if a viable 
> competitor comes along.
>
>
> T

Sure, for example Rust had four sessions at Build 2020, and has 
now official support for WinUI/UWP going forward with Project 
Reunion (reunification of Wi32/UWP worlds).

C# seems to have gotten that spot for game developers, many of 
the C# improvements for lowlevel coding seem to be coming from 
Midori learning and collaboration with Unity, CryEngine and Godot.

D got have had this spot, but somehow the opportunity it had was 
lost.

In any case, we are now finally at the beginning of the mentality 
shift that these kind of unsafe programming doesn't scale, which 
is why I think it will still take more than our lifetimes. 
Hopefully others will carry on pushing for safer systems.


More information about the Digitalmars-d mailing list