Episode Details
Back to EpisodesMemory Safety with Yael Grauer
Season 3
Episode 5
Published 3 years, 1 month ago
Description
Yael Grauer joined Bryan, Adam, Steve Klabnik, and the Oxide Friends to talk about her recent Consumer Reports article on memory safety and memory safe languages. How do we inform the general public? How do we persuade practitioners and companies? Thanks for joining us, Yael!
In addition to Bryan Cantrill and Adam Leventhal, we were joined by special guest Yael Grauer, and Steve Klabnik.
Some of the topics we hit on, in the order that we hit them (experiment in turning the show live-chat into notes):
- Nahum: https://www.backblaze.com/blog/the-3-2-1-backup-strategy/ if anyone wants to read up on the 3-2-1 Backup strategy. 👅
- Cyborus: can we get a link to the talk?
- Nahum: https://www.youtube.com/watch?v=Q9s2NxILBK8
- Nahum: https://digital-lab-wp.consumerreports.org/wp-content/uploads/2023/01/Memory-Safety-Convening-Report-.pdf via https://digital-lab-wp.consumerreports.org/2023/01/23/new-report-future-of-memory-safety/
- Nahum: https://en.wikipedia.org/wiki/Pegasus_(spyware)
- Cyborus: "can we talk" => "hey. you. have a panic attack. anyways i got a cool sandwich"
- AaronW: "of course we should have seatbelts" 😄
- MattCampbell: but then you've got the C die-hards who say that Rust itself is too complex
- AaronW: https://twitter.com/markrussinovich/status/1571995117233504257?s=46
- DanCrossNYC: People used to say the same thing about PL/I and recently the COBOL people have been saying the same thing. Nothing new under the sun.
- statuscalamitous: https://blog.yossarian.net/2023/02/11/The-unsafe-language-doom-principle
- DanCrossNYC: People who still want to treat C as a high-level assembler are saying the same stuff the PL/I people were saying when I was young.
- Eric Likness - carpetbomberz.com: In support of Yael, Ralph Nader wasn't/isn't an automotive engineer and he could still argue for lowering safety risks to car buyers. It's advocacy.
- cdaringe: As an ocaml user, i was hoping revery would take off https://github.com/revery-ui/revery
- statuscalamitous: https://press.princeton.edu/books/hardcover/9780691174952/the-tyranny-of-metrics
- Saethlin: Wake up babe, new 0xide reading assignment dropped
- AaronW: Labelled like a can of pringles -- "20% more malloc() free()!"
- Nahum: Relevant to rules based accounting: https://www.schneier.com/blog/archives/2023/02/hacking-the-tax-code.html
- drew: Rigorous definitions of “unsafe code” just wont cut it ig
- ig: 40% less direct pointer arithmetic than the leading brand of operating systems
- a172: