Linux people doing Linux things, it seems.

  • cm0002@lemmy.world
    link
    fedilink
    arrow-up
    7
    ·
    4 months ago

    Ah I see your default is to sprinkle in a bit of argumentum ad logicam and add a dash of straw man at the end

    Your statement comes across as the migration from C/C++ is more of an upgrade for new features and increased “ease of use” rather than an urgent security issue when it definitely is. It’s more than just a case of a couple of experts and some articles, you’ve got multiple governmental and NGOs like The NSA, The Whitehouse, CISA, DARPA all calling for the migration away from C/C++ to memory safe languages

    https://devops.com/darpa-turns-to-ai-to-help-turn-c-and-c-code-into-rust/

    “DARPA, the Defense Department’s (DOD) R&D agency, will lean on emerging AI capabilities in a new program to deal with the costly and time-consuming challenge of rewriting C and C++ code to Rust in a move designed to meet the push for federal agencies and private organizations to adopt memory-safe programming languages.

    https://www.theregister.com/2023/12/07/memory_correction_five_eyes/

    "CISA, in conjunction with the National Security Agency (NSA), FBI, and the cyber security authorities of Australia, Canada, the United Kingdom, and New Zealand, said its call for better memory safety follows from its Secure By Design recommendations – endorsed by all of these cyber authorities.

    “With this guidance, the authoring agencies urge senior executives at every software manufacturer to reduce customer risk by prioritizing design and development practices that implement MSLs [memory safe languages],” the report argues."

    ~

    "CISA suggests that developers look to C#, Go, Java, Python, Rust, and Swift for memory safe code.

    “The most promising path towards eliminating memory safety vulnerabilities is for software manufacturers to find ways to standardize on memory safe programming languages, and to migrate security critical software components to a memory safe programming language for existing codebases,” the CISA paper concludes."

    • kbal@fedia.io
      link
      fedilink
      arrow-up
      1
      arrow-down
      5
      ·
      4 months ago

      Indeed the language is extremely fashionable among government types and many others. I did not really mean to suggest otherwise. If accusing me of erecting a straw man is your way of apologizing for your initial comment, I accept it.

      • cm0002@lemmy.world
        link
        fedilink
        arrow-up
        4
        ·
        4 months ago

        Straw Man Fallacy: A straw man fallacy occurs when someone misrepresents an opponent’s argument to make it easier to attack or refute. Instead of addressing the actual issue, the person creates a distorted version of the argument that is easier to discredit.

        This is what you have done in every single reply you made when I have made it quite clear that this is about the migration being an urgent security issue that the cyber security community at large has been calling attention to.

        You avoid all the core points I make and distort them into trivial things that you can easily argue, like the fact that you “Don’t code C much and use Rust occasionally”. It’s irrelevant to the actual arguments and you use it to dismiss the real core issues AKA a Straw Man fallacy

        You have failed to argue in good faith and are actually a part of the problem. Good job!

        • kbal@fedia.io
          link
          fedilink
          arrow-up
          1
          arrow-down
          5
          ·
          4 months ago

          Failing to respond in detail to all of the claims you believe to be your most important ones is not what is usually meant by a “straw man.”

          While I don’t mind Rust (although I’m not too good at it yet) I really do find the crowd of overzealous enthusiasts claiming in the most hyperbolic terms that the necessity of its universal use is an urgent security issue quite off-putting sometimes.