Hacker News new | past | comments | ask | show | jobs | submit login

They also address that in their response. It stems from the fact that they use memory-managed programming environments, so they don't have that level of control over memory.



[flagged]


That's a pretty extraordinary claim, considering that securing native code is highly nontrivial and increases the attack surface of an application significantly.


Is that still true with Rust?


The 1password devs specifically say that the Windows team has been playing around with Rust. So they at least seem to be looking into it and treating it as a real possibility.

I don't imagine anything will come from it for a while however.


Supposedly it is already in production, or at least that’s how I read https://twitter.com/sergeygalich/status/1091060842047492096


Why?

Native is often riddled with bugs and the threat model of reading the data out of memory is basically irrelevant.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: