Hacker News new | past | comments | ask | show | jobs | submit login

There was an article from Microsoft on why they're adopting Rust that was posted a little bit ago. The gist of it is that even with a skilled staff, 70% of their CVEs were due to memory errors.



Right - the whole point of having computers / machines is to reliably and efficiently do things that humans are bad at doing at scale. I honestly don't understand people who are excited about programming and also excited about doing things by hand that computers can do better and faster. Like, what is the appeal of programming to them?


Enjoying debugging their code? :)


The article was not from Microsoft but from some rag like ZDNet (I think it was also ZDNet, in which case they're currently submarine-ing Rust).

70% of CVEs are C/C++, because those bugs need to be fixed and important things run on C/C++.

It is an entirely useless metric.


ZDNet reported on a presentation given at a security conference by Microsoft.

> 70% of CVEs are C/C++, because those bugs need to be fixed and important things run on C/C++.

You mis-understood the statistic; the statistic was not "70% of CVEs come from C and C++", the statistic was "70% of bugs come from memory safety issues." They did not classify by language.




Applications are open for YC Winter 2020

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: