
Chrome: 70% of all security bugs are memory safety issues - caution
https://www.zdnet.com/article/chrome-70-of-all-security-bugs-are-memory-safety-issues/
======
roca
I can't find the real link in the Zdnet article. Here it is:
[https://www.chromium.org/Home/chromium-security/memory-
safet...](https://www.chromium.org/Home/chromium-security/memory-safety)

------
LockAndLol
> Microsoft is also heavily investing in exploring C and C++ alternatives.
> From its early Checked C project, the company is now experimenting with
> Rust, and is also building its own Rust-like "safe" programming language
> (part of the secretive Project Verona).

Of course they are... they can't just use something that exists already, but
they have to have something with a M$ stamp on it.

> The browser maker is also exploring the MiraclePtr project, which aims to
> turn "exploitable use-after-free bugs into non-security crashes with
> acceptable performance, memory, binary size and minimal stability impact."

So managed C/C++?

> And last, but not least, Google also said it plans to explore using "safe"
> languages, where possible. Candidates include Rust, Swift, JavaScript,
> Kotlin, and Java.

I can already hear the pop from the aneurysms the anti-memory managed crowd
will be getting. The comments on reddit and twitter will be amazing.

