Short of implementing some kind of drivers license for C coders, I think this is... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		kennywinker on Dec 4, 2013 \| parent \| context \| favorite \| on: GCC Poison Short of implementing some kind of drivers license for C coders, I think this is a bad way to look at things. There will always be programs written by people who don't know about buffer overruns, or SQL injection, or just aren't thinking about security at the time because it's a trivial piece of code that "won't make it into a production environment". You can tell them they shouldn't be doing what they are doing all you want, but that doesn't fix the security problem. Fix the tools, don't blame people for using them as best they know how.

tokenrove on Dec 4, 2013 [–]

I think there are limits. How do you "fix" assembly language without simultaneously breaking it? The best way to fix C is to use OCaml or Rust or something instead.

EpicEng on Dec 4, 2013 | [–]

Yeah... if only I could get an OCaml compiler for my micro...

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact