Thread replies: 19
Thread images: 2
Thread images: 2
Anonymous
Are Golang and Rust the end of PWN as we know it? 2017-08-29 06:27:32 Post No. 62151103
[Report] Image search: [Google]
Are Golang and Rust the end of PWN as we know it? 2017-08-29 06:27:32 Post No. 62151103
[Report] Image search: [Google]
File: hackerman.png (825KB, 700x700px) Image search:
[Google]
825KB, 700x700px
Are Golang and Rust the end of PWN as we know it?
Anonymous
2017-08-29 06:27:32
Post No. 62151103
[Report]
Given that these languages are safe, don't use pointer arithmetic, compile to binary and sell themselves as the succesors of C. If the industry starts using them, are we going to see the last buffer overflows in Human History?
>>
>>62151103
wut ?don't use pointer arithmetic, compile to binary
>>
>>62151103
>the only security-sensitive bugs are memory management issues
lol pajeet
>>
Go is shit kek
>>
C++ fixed the buffer overflow issue a long time ago by using containers yet queers and trannies keep using C for no reason
>>
>>62151606
Point taken, I might have not asked the question correctly. I was talking about buffer overflows and how their non existence somehow prevents script kiddies to throw shellcode to a service (if they manage to bypass the firewall).
>>
>>62151725
Go or rust can't fix SQL injection
>>
>>62151802
I repeat, I was talking about buffer overflows, and how they could affect the system in case a script kiddie used metasploit on a service. Not some pajeet-introducing-shitty-code vulnerability.
>>
>>62151825
Java doesn't have memory bugs either and Go/Rust probably won't replace C/C++ as much as Java did
>>
>>62151880
Thing is, Rust and Go case uses usually go "closer to metal" sort to speak. Java is usually an Application language. And therefore not the kind of app whose say, network primitives, get attacked.
But it's true though, there hasn't been a lot of buffer overflows in Java on the server (we have the whole applet ordeal but that's another story)
>>
>>62151103
yes, same with RAP
>>
>>62151978
Go being close to the hardware is a meme (it uses GC) and Rust might not ever get low-level embedded usage like C.
>>
>>62152040
Golang still has stuff like Docker, that runs below applications. This kind of services are difficult to pawn because they're made in golang.
Thing about this is, in 10 years, are we going to have "Hackers" that "Pawn" us because of buffer overflows?
>>
>>62152116
yes because buffer overflows are super simple to cause in Go.
examplevar a [5]int
a[5000] = 10
>>
>>62152210
catched at compile time, but something like b := a[:]; b[5000] = 10 works. But produces runtime error. That is stricter than segfault.
>>
>>62152116
Docker runs on kernel features, Go part just controls it.
>>
>>62152295
>b := a[:]; b[5000] = 10 works. But produces runtime error. That is stricter than segfault.
Mind = Blown (just started learning golang)
>>62152295
Yeah, bear in mind you can run rootless containers now, so there are no risks of host takeover because of it (theoretically)
>>
>>62151103
>go
No
>rust
Is just a containment language for SJWs. They can work on their rust projects, and not disturb real projects.
>>
File: MrNormie.jpg (68KB, 740x426px) Image search:
[Google]
68KB, 740x426px
>>62151103
I hate that show
Thread posts: 19
Thread images: 2
Thread images: 2