Comment by titzer

1 day ago

Moral hazard here. The rest of us, and all of society, now rests on a huge pile of code written by incorrigible misers who imagined themselves able to write perfect, bug-free code that would go infinitely fast because bad things never happen. But see, there's bugs in your code and other people pay the cost.

5 comments

titzer

Reply
kazinator  20 hours ago

There is an incredible amount of C out there relative to how the sky basically isn't falling.

  • titzer  20 hours ago

    Ransomware attacks against hospitals and a dark extortion economy churning tens if not hundreds of billions of dollars a year in losses and waste.

    What would the "sky falling" look like to you? If you're expecting dramatic movie scenes like something out of Mr Robot, I'm afraid the reality is more mundane, just a never-ending series of basic programming errors that turn into remote code execution exploits because of language and compiler choices by people who don't pay the costs.

    • kazinator  18 hours ago

      To completely eliminate the possibility of ransomware attack, you need an incredibly locked down platform, and users who are impervious to social engineering.

      Vulnerabilities to ransomware (and other forms of malware) can be perpetrated without a single bad pointer being dereferenced.

      For instance, a memory-safe e-mail program can automatically open an attachment, and the memory-safe application which handles the attachment can blindly run code embedded in the document in a leaky sandbox.

      There is an incredible amount of infrastructure out there that depends on C. Embedded devices, mobile devices, desktops, servers. Network stacks, telephony stacks, storage, you name it. Encryption, codecs, ...

      Sky is falling would mean all of it would be falling down so badly that, for instance, you would have about a 50% chance of connecting a server that is more than four hops away.

account42  21 hours ago

There's bugs in your code without undefined behavior too. Go use a different language if you don't care about performance, there are many to choose from.

  • pjmlp  20 hours ago

    Not only do I care about performance, the languages I use, are able to delivery both safety and performace at the level required for project delivery.

    Unfortunely too many folks still pretend C is some kind of magic portable Assembly language that no other language on Earth is able to achieve the same.

    Also if I care enough about ultimate performace, like anyone that actually cares about performance, I dust off my Assembly programming skills, alongside algorithms, datastructures and computer organisation.