As much as I like Rust, I'm rather skeeved by (the USA) government's sudden interest in "memory safety" and "open source security" and all that. Yes, we need to fix The Infrastructure(tm). But why did it take 1) having a systems-level memory safe language, 2) for the realization that shit can be pwned if it's not memory safe, 3) while never really doing the "taxes should fund free software infrastructure" bit in the past? We have had free C infra for 30 years. Why until now, top-down?
Luis Villa
in reply to Federico Mena Quintero • • •penguin42
in reply to Federico Mena Quintero • • •aeva
in reply to Federico Mena Quintero • • •depending on what the US government is looking to do, having a mandate for memory safe languages for tax funded work is not unprecedented. The DoD had the Ada mandate in the 90s.
Dare I ask, what is the US government looking to regulate more specifically?
Federico Mena Quintero
in reply to aeva • • •@aeva No idea on specific regulations; I'm just watching news go by along the lines of "it's really important to do memory safety now", "open source infrastructure security bla bla bla" - as if they were Very Important Sudden Problems that couldn't possibly have been addressed before, say, by paying people to maintain free software infrastructure.
I guess this is me saying that I agree with https://steveklabnik.com/writing/memory-safety-is-a-red-herring completely.
Memory Safety is a Red Herring
steveklabnik.comIan Douglas Scott
in reply to Federico Mena Quintero • • •aeva
in reply to Federico Mena Quintero • • •aeva
in reply to aeva • • •Federico Mena Quintero
in reply to aeva • • •Emmanuele Bassi
in reply to Federico Mena Quintero • • •Segmentation fault
aeva
in reply to Emmanuele Bassi • • •Firstyear
in reply to Federico Mena Quintero • • •Federico Mena Quintero reshared this.