Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

This case is easy. No need to rewrite: deleted code is even safer than Rust.

Apart from Rust, Wuffs is also a good candidate for codecs: https://github.com/google/wuffs/blob/main/doc/wuffs-the-lang...

Too bad that Swift isn't that good for low-level codecs, so a Swift rewrite of Messages couldn't remove C dependencies.



If the code can't be deleted then an alternative to rewriting is to sandbox it like Firefox recently started to do with wasm. That would have kept any exploit in the sandbox - let them have fun in there with that 70,000 step program where it can't touch anything...

Sandboxing using wasm has around 10% overhead, so a full rewrite might end up running faster. But recompiling the code takes less time and effort and will not introduce new bugs, so it's a useful option too.


The sandbox mentioned on the article as the mitigation done by Apple, makes use of Swift.

https://googleprojectzero.blogspot.com/2021/01/a-look-at-ime...




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: