"safer" what is safer about a language that has macros and the ability to tamper with ...

npub1fjq…leku

2024-09-16 15:51:37

in reply to nevent1q…e9lg

"safer"

what is safer about a language that has macros and the ability to tamper with memory directly versus another that has a lot of obstacles to doing this kind of tampering?

the only difference in memory safety between the two languages is you can get a performance problem in Go if you just fling out a bazillion new buffers for no reason, use them once and then forget about them... and then you need to consider a freelist

there is no buffer overflow vulnerability in valid code in either language

i tell you what the safety problem with rust is

the protocol has to be designed to be secure, most vulns these days are protocol level not buffer overflow

so, Rust is fixing a problem from 20 years ago with an overly complex syntax that really is just hints for a really dumb GC, and go has a sophisticated, 15 year old GC that builds upon its own experience and that of Java's GCs and other GC using languages

this "safety" thing is illusory

what's unsafe is hard to read code, and complex syntax and the red flag is that it takes 100 times longer to compile it

Author Public Key

npub1fjqqy4a93z5zsjwsfxqhc2764kvykfdyttvldkkkdera8dr78vhsmmleku

Show more details

Published at

2024-09-16 15:51:37

Kind type

1 Short Text Note

Event JSON

{ "id": "7e76f5ae69c004ea4b9461c46e884eff6d151aaf44a14320f0d4913924acc894", "pubkey": "4c800257a588a82849d049817c2bdaad984b25a45ad9f6dad66e47d3b47e3b2f", "created_at": 1726501897, "kind": 1, "tags": [ [ "p", "f683e87035f7ad4f44e0b98cfbd9537e16455a92cd38cefc4cb31db7557f5ef2", "wss://auth.nostr1.com/", "pippellia" ], [ "p", "3fcf32612554edf8d94957a05da0b522b19cccbb4ad12289a1294670dba8b293", "wss://relay.damus.io/", "choss" ], [ "p", "75656740209960c74fe373e6943f8a21ab896889d8691276a60f86aadbc8f92a", "wss://relay.damus.io/", "Daniel Wigton" ], [ "e", "9306fcd196544fa1c6798d9dbcf99b87bf6cb98299d97bbc12b141041aad3c6a", "wss://nostr.land/", "root" ], [ "e", "046522b1df4e34773f238d4ebbeec6748145bb310c6cc5118fab4a580eff7ba8", "mention" ], [ "e", "240dc54224c84dbaef8d48ccde6a884ae23d7a3ab08f450ac0a7ae43950adc11", "", "mention" ], [ "e", "31f93552a521f4c52051ede7989f2b58f3760da0a8a32bbc8520030633a5630c", "wss://relay.damus.io/", "reply", "75656740209960c74fe373e6943f8a21ab896889d8691276a60f86aadbc8f92a" ] ], "content": "\"safer\"\n\nwhat is safer about a language that has macros and the ability to tamper with memory directly versus another that has a lot of obstacles to doing this kind of tampering?\n\nthe only difference in memory safety between the two languages is you can get a performance problem in Go if you just fling out a bazillion new buffers for no reason, use them once and then forget about them... and then you need to consider a freelist\n\nthere is no buffer overflow vulnerability in valid code in either language\n\ni tell you what the safety problem with rust is\n\nthe protocol has to be designed to be secure, most vulns these days are protocol level not buffer overflow\n\nso, Rust is fixing a problem from 20 years ago with an overly complex syntax that really is just hints for a really dumb GC, and go has a sophisticated, 15 year old GC that builds upon its own experience and that of Java's GCs and other GC using languages\n\nthis \"safety\" thing is illusory\n\nwhat's unsafe is hard to read code, and complex syntax and the red flag is that it takes 100 times longer to compile it", "sig": "df53977e07cf8cbb070388c1a75138d3227b71aafbb40c947bdf14a0c8ca3ef0163379a60459de67a982f125d83b7021e26f5d802ecaf989bef0c617ba6e5a9a" }