alt Hacker NewsAround 70% of security vulnerabilities are about memory safety and only exist because software is written in C and C++. Because most vulnerabilities are in newly written code, Google has found that simply starting writing new code in Rust (rather than trying to rewrite existing codebases) quickly brings the number of found vulnerabilities down drastically.
Replies
bastawhiz • today at 1:36 PM
You can't just write Rust in a part of the codebase that's all C/C++. Tools for checking the newly written C/C++ code for issues will still be valuable for a very long time.
➕ show 1 reply
noosphr • today at 12:41 PM
And to a good approximation all real world Rust uses unsafe everywhere.
So we now have a new code base in an undefined language which still has memory bugs.
This is progress.
➕ show 2 replies
I find this interesting.
Curl's Daniel Stenberg claimed during his NDC talk that vulnerabilities in this project are 8 years old on average.
I wonder where the disconnect comes from.