Announcement

Collapse
No announcement yet.

Google Announces The Tink Crypto Library

Collapse
X
Collapse
 
  • Page of 5
  • Filter
  • Time
  • Show
Clear All
new posts
Previous 1 2 3 4 5 template Next
  • #11
    Originally posted by uid313 View Post
    I want the crypto library to implemented in Rust, so it can be safe.
    C and other languages are too unsafe to trust with crypto.
    Rust doesn't magically protect you against every possible memory-concerned bug. It helps with some edge cases at compile-time. Note there are similar tools that provide similar features to C and C++ at compile-time and run-time, it's just a matter of using them. Simply because you don't understand how to use those tools or you're ignorant of the vulnerabilities that are possible in Rust, doesn't suddenly make Rust a more viable solution.
    • Likes 3

    Comment

    • #12
      Originally posted by computerquip View Post

      Rust doesn't magically protect you against every possible memory-concerned bug. It helps with some edge cases at compile-time. Note there are similar tools that provide similar features to C and C++ at compile-time and run-time, it's just a matter of using them. Simply because you don't understand how to use those tools or you're ignorant of the vulnerabilities that are possible in Rust, doesn't suddenly make Rust a more viable solution.
      C is notoriously difficult to code in.
      I couldn't even write a secure Hello World program.
      Also not only memory-concerned bugs, but also other bugs.

      Comment

      • #13
        Originally posted by uid313 View Post
        C is notoriously difficult to code in.
        No, most people making such statements are notoriously bad at coding. Truth hurts.
        Originally posted by uid313 View Post
        I couldn't even write a secure Hello World program.
        See what I mean?
        Originally posted by uid313 View Post
        Sure, you can write safe code in C. For example, Daniel J. Bernstein could do it.
        But for far too many people, it is far too easy to shoot yourself in the foot with C.
        Of course, the fact that you think that the crypto algorithm has anything to do with "memory bugs" or the language at all, proves the point even more.
        • Likes 1

        Comment

        • #14
          Originally posted by uid313 View Post
          I couldn't even write a secure Hello World program.
          Is this a joke? Hello World programs are usually secure since all they do is write some text and quit...

          Code:
          #include <stdio.h>

int retval;

int main() {
  retval=puts("Hello World!");
  return 0;
}
          ...or is there any vulnerability in the code above? (I'm not dropping the return value of puts or using printf)

          Comment

          • #15
            Originally posted by tildearrow View Post

            Is this a joke? Hello World programs are usually secure since all they do is write some text and quit...

            Code:
            #include <stdio.h>

int retval;

int main() {
retval=puts("Hello World!");
return 0;
}
            ...or is there any vulnerability in the code above? (I'm not dropping the return value of puts or using printf)
            I have no idea if there is any vulnerability in that code. Yeah, Hello World programs are very simple so should be secure, but if I wrote one, I wouldn't count on it. The most simple thing in C is very complex, and it is so easy to shoot yourself in the foot, even doing the most basic things.

            Comment

            • #16
              Originally posted by uid313 View Post
              I have no idea if there is any vulnerability in that code. Yeah, Hello World programs are very simple so should be secure, but if I wrote one, I wouldn't count on it. The most simple thing in C is very complex, and it is so easy to shoot yourself in the foot, even doing the most basic things.
              Well, the "vulnerability" is in your brain.

              Comment

              • #17
                Originally posted by Weasel View Post
                Well, the "vulnerability" is in your brain.
                Yeah, I am not a smart guy. I am a pretty dumb guy.
                But in C it is way to easy to write insecure code and shoot yourself in the foot.
                As a pretty dumb guy, I can write code that is probably reasonably secure in other languages, but not in C.

                Comment

                • #18
                  Originally posted by uid313 View Post
                  I want the crypto library to implemented in Rust, so it can be safe.
                  start coding then. btw, this library is not a crypto library, it is a wrapper around real crypto library. which in turn is implemented in c. just as most of rust stuff
                  Originally posted by uid313 View Post
                  C and other languages are too unsafe to trust with crypto.
                  rust has nothing to improve safety with crypto against c++ or java (two of subj's apis)

                  Comment

                  • #19
                    Originally posted by speculatrix View Post
                    https://www.redox-os.org/
                    that is not linux kernel

                    Comment

                    • #20
                      Originally posted by uid313 View Post
                      C is notoriously difficult to code in.
                      I couldn't even write a secure Hello World program.
                      Also not only memory-concerned bugs, but also other bugs.
                      that's why c++ exists

                      Comment

                      Previous 1 2 3 4 5 template Next
                      Working...
                      X