gnunet-developers
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [GNUnet-developers] Why old-school C?


From: Christian Grothoff
Subject: Re: [GNUnet-developers] Why old-school C?
Date: Thu, 09 Jul 2015 14:25:05 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Icedove/31.7.0

On 07/09/2015 01:47 PM, Andrew Cann wrote:
> 
> I'm not saying the GNUnet devs should all switch to fancy-language-of-the-day,
> that's not practical. Just that if they did then security (and bugs in 
> general)
> would pretty much be a solved problem.

Doesn't solve:
1) availability: scalability (i.e. of routing), resistance to DoS /
   traffic shaping by ISPs / etc.
2) authenticity (of hardware, software and data)
3) bugs in general: compiler/VM may be buggy/compromised, see tons of
   exploitable Java VM verifier / JIT / runtime bugs over the last 20
   years.
4) confidentiality: side channels, disclosure via protocols,
   meta data leakage (please make sure your GC doesn't leak timing data)
5) usability: user may still not be able to use, or use securely
6) hardware implants (malicious hardware, see ANT catalog)

So saying that switching to some fancy language doesn't address *any* of
those at all (and that's the short list), so claims that "security would
pretty much be a solved problem" by switching to another language are
just nonsense.

Overblown claims don't help the discussion.  That said, I agree with you
that Rust might grow into a good choice in the long term -- and it
should solve certain minor (!) security problems nicely. But I maintain
it won't solve the most critical issues -- like improving
scalability/performance, improving usability, or defending against
attacks outside of our code base (kernel, dependencies, network
neutrality, ISP filtering, compromised hardware/OSes, social
engineering, etc.).

Attachment: 0xE29FC3CC.asc
Description: application/pgp-keys

Attachment: signature.asc
Description: OpenPGP digital signature


reply via email to

[Prev in Thread] Current Thread [Next in Thread]