Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
khuey 5 hours ago

> Just want to remind everyone that only 1% of vulnerabilities are memory related in the average Joe's code.

Unless your point is merely that average Joes write such terrible code that you don't even need memory safety issues to exploit their software, [citation needed]

Google says memory safety issues are 75% of exploited zero days. (https://security.googleblog.com/2024/10/safer-with-google-ad...)

kalaksi 5 hours ago | parent | next [-]

And at least in Chromium project, half of those memory safety issues are use-after-free: https://www.chromium.org/Home/chromium-security/memory-safet...

wahern 3 hours ago | parent | prev | next [-]

Most memory bugs in Chromium are in V8, either entirely in the JIT or at the boundary with C++. Rust wouldn't help here because the borrow checker can't see through these boundaries, and it's precisely this opacity where the developers also lose track of things.

Which isn't to say Rust wouldn't have caught many of the other memory safety issues, but 75% is horribly misleading.

afdbcreid 5 hours ago | parent | prev | next [-]

My understanding is that they claim that the average Joe writes code in a garbage-collected memory-safe language.

Which is... true? but irrelevant. Such applications are not suggested to be ported to Rust. Of course, some people still do that, because they like Rust; but that's their personal choice.

bbippin 5 hours ago | parent | prev [-]

The point is that memory issues are a smallish number of issue compared to the larger ecosystem of vulnerabilities, and choosing to port everything to Rust is like over-optimizing. Well, that’s my 2 cents.

For a language as ugly as Rust, my thought is that people should actually be using Ada, and have a mathematically provable correctness angle; not just a replacement for C/C++ with memory safety.

khuey 5 hours ago | parent | next [-]

> The point is that memory issues are a smallish number of issue compared to the larger ecosystem of vulnerabilities

If memory safety issues are 75% of exploited zero days it sounds to me like they're the biggest issue in the ecosystem by far.

bbippin 3 hours ago | parent [-]

Perhaps. But what percentage of exploits are actually zero days versus, say, 10 days or 100 days?

Most exploited code probably exists in the application layer in a high-level, memory safe language. I would wager that but I don’t have time to cite ten papers on HN.

jabl 4 hours ago | parent | prev | next [-]

Rust and Ada are about equally safe, both have advantages and disadvantages. Perhaps you're thinking about SPARK ADA, but that's a different kettle of fish.

It's a bit like saying you should program in C, because formal verification tool X generates C code hence C is safe.

afdbcreid 3 hours ago | parent | next [-]

Rust and non-SPARK Ada are not equally safe. Ada is unsafe in the presence of data races, and also has runtime checks that slow it down, or you disable them and then it's even less safe.

bbippin 3 hours ago | parent | prev [-]

Yeah SPARK ADA is what I meant :)

I think formal verification is the way to go with AI moving forward.

sunshowers 3 hours ago | parent | prev [-]

Rust is a beautiful language. Gorgeous.