tsimionescu 7 months ago
Games absolutely are a problem for lack of memory safety - because the majority of games played today are connected to the internet explicitly. For trading systems, I don't even know what you mean, but I can't think of a trading system where you wouldn't care about security. For simulations and scientific calculations, I do agree, to a vast extent. But in a world that is moving more and more towards zero-trust networking, even many of those will start being looked at as potential attack vectors into other systems.
PaulDavisThe1st 7 months ago
As a DAW developer, I find myself chuckling over security concerns in other kinds of apps. You see, it is absolutely expected and required that our applications will load and run arbitrary 3rd party code, generally with the expectation that it lives in the same address space as our application (though this is not formally required). No sockets, no network, no backdoor hacks. You write code, call it a VST plugin, make it sound desirable ... we are expected to load and run it. Yes, several DAWs have made the move toward out-of-process execution of plugins, but that doesn't begin to address the myriad problems caused by loosely-written plugin APIs not adequately pinning down threading, thread priority, memory access and more. Filesystem access? Of course! That code runs as you! Because you want it to!
PLG88 7 months ago
I may be off base, but as the world moves to zero-trust networking, we can always embed a zero-trust network into our C++ app so that it can be distributed across the network while having no listening ports on the underlay network - i.e., my memory safety exploit cannot just be exploited by anyone on the WAN, LAN, or host OS network. My C++ app is unattackable via conventional IP-based tooling; all conventional network threats are immediately useless. This capability exists in completely open source, such as OpenZiti - https://openziti.io/.