Software engineer and TechCrunch columnist Jon Evans writes that the C programming language “gives its users far too much artillery with which to shoot their feet off” and is “no longer suitable for the world which C has built.” An anonymous reader shared Evans’ post:
Copious experience has taught us all, the hard way, that it is very difficult, verging on “basically impossible,” to write extensive amounts of C code that is not riddled with security holes. As I wrote two years ago, in my first Death To C piece… “Buffer overflows and dangling pointers lead to catastrophic security holes, again and again and again, just like yesteryear, just like all the years of yore. We cannot afford its gargantuan, gaping security blind spots any more. It’s long past time to retire and replace it with another language.
“The trouble is, most modern languages don’t even try to replace C… They’re not good at the thing C does best: getting down to the bare metal and working at mach speed.” Today I am seriously suggesting that when engineers refactor existing C code, especially parsers and other input handlers, they replace it — slowly, bit by bit — with Rust… we are only going to dig ourselves out of our giant collective security hole iteratively, one shovelful of better code and better tooling at a time.”
He also suggests other fixes — like using a language-theoretic approach which conceptualizes valid inputs as their own formal language, and formal verification of the correctness of algorithms. But he still insists that “C has become a monster” — and that we must start replacing it with Rust.
Read more of this story at Slashdot.