> Cool, let me know how to improve the code security on my vendor compiler then, I'll be waiting.
Switch to std::span and add 1 line to std::span::operator[] to check your bounds...
I don't think std::span is bounds checked. Try again.
Readit Newscarbotaniuman commented on Retrofitting spatial safety to lines of C++ security.googleblog.com/2... · Posted by u/jandeboevrie
carbotaniuman commented on Retrofitting spatial safety to lines of C++ security.googleblog.com/2... · Posted by u/jandeboevrie
> I've used vendor-specific C++ compilers with no bounds checking and a barely conforming stdlib, so by your logic C++ has zero bounds checking...
I literally said exactly that: "The standard doesn't require any checks to begin with."
> Defaults matter!
Sigh... nobody claimed otherwise. You're really missing the point of the thread.
All I did was give people a tip on how to improve their code security. The exact sentence I wrote was:
>> "If you want bounds checking in your own code, start replacing T* with std::span<T> or std::span<T>::iterator whenever the target is an array."
"BUT DEFAULTS MATTER!!!", you rebut! Well OK, then I guess keep your raw pointers in and don't migrate your code? Sorry I tried to help!
Cool, let me know how to improve the code security on my vendor compiler then, I'll be waiting.
carbotaniuman commented on Retrofitting spatial safety to lines of C++ security.googleblog.com/2... · Posted by u/jandeboevrie
> It does, on explicitly bounds-checked accessors like .at, which span is gaining for C++26.
When I said "the standard doesn't require this" I clearly was not referring to C++26, which does not even exist yet. In any case, I'm not sure what the point of this pedantry is. I'm pretty sure the point was clear.
> But you originally implied using span was sufficient, you didn't mention LLVM's libc++ hardening.
Because this isn't LLVM-specific, every major STL has bounds checking. You just gotta enable it for your toolchain. Sorry I didn't list every single flag, I guess?
> (You even mentioned iterators which, I just quoted, might not be bound-checked on fast mode either.)
Which is why I had _LIBCPP_ABI_BOUNDED_ITERATORS, right? I'm not on HN to write comprehensive documentation for every toolchain, I'm just writing a quick tip for people to look into.
All this pedantic quibbling over "this isn't required by the standard by default" is just pointless arguing for the sake of arguing on the internet. For all the performance freaks who really care about this: no language I know of guarantees optimizations in the standard, so if you're relying on optimized performance, you're already doing nonstandard stuff.
And practically every major compiled language you love or hate has a way to enable or disable bounds checking, letting you violate their "standard" one way or another. D itself has -boundscheck, C++ has toolchain-specific flags, Go has -gcflags=-B, etc...
I've used vendor-specific C++ compilers with no bounds checking and a barely conforming stdlib, so by your logic C++ has zero bounds checking... Defaults matter!
carbotaniuman commented on Retrofitting spatial safety to lines of C++ security.googleblog.com/2... · Posted by u/jandeboevrie
Some people believe that the Church-Turing intuition doesn't tell us anything about humans, that what humans are doing isn't computation but something more powerful. In my experience their lack of evidence for this belief just makes them believe it even harder, and they often write whole books which are in effect the argument from incredulity but expanded to book form.
There is no proof that humans are just glorified Turing machines and even as a nonreligious person, I find such a statement to be as lacking in evidence as those that claim humanity has some soul or similar that cannot be replicated.
The actual logic of gggp's statement also doesn't make any sense. We as humans also under and overestimate the soundness of programs.
Sometimes, a perfectly fine solution is massaged to better adhere to best practices because we can't convince ourselves that it's correct. Rust requires that we convince the compiler, and then we know it's correct via the compiler's proofs, instead of requiring us to do the proof all the time.
carbotaniuman commented on Show HN: CNC Microscopy for Fun anfractuosity.com/project... · Posted by u/anfractuosity
Piracy is not a technical definition but a legal one.
If you zip/print/scan/ocr/train ML on/restore from ML its still piracy even though none of the pixels are directly transferred.
The ML one seems to not be piracy from a legal POV.
carbotaniuman commented on Show HN: Io_uring for Ruby github.com/digital-fabric... · Posted by u/ciconia
The whole point of IO uring is to be fast by reducing the number of system calls per request.
If you then process your requests in the slowest programming language, you add back at least 100x the overhead.
It doesn’t make sense to me.
One way you can think of this is speeding up the "slowest programming language". And removing/reducing blocking calls has benefits for languages like Ruby too.
There is no general algorithm to symbolically compute all integrals. All we have are partial algorithms which consist of big rulebooks for the cases we’ve already solved.
It also turns out we can’t even verify, in general, the result of integration:
Suppose you are given two functions, f(x) and G(x), and are told that G(x) is an antiderivative of f(x). So then you let g(x) = G’(x), the derivative of G(x).
Now if G(x) is truly an antiderivative of f(x) then we must have g(x) = f(x) but unfortunately the problem of determining whether two functions are equal is undecidable (a consequence of the halting problem).
Does the functional equality being impossible to determine thing work for math problems? I know it works for computable functions, but math functions are pure and total so it seems easier.
i should be allowed to watch whatever state propaganda i want, i'm a big boy
15 years ago in the US this would have been uncontroversial
I'm sure the US government would have been real keen on you reading Kremlin news source 40 year ago...
What product are you envisioning that Apple doesn't offer? Rackable compute? Not worth their time.
Look at the products they make. They try to make stuff that targets the widest market possible; everybody. They try not to go for niche markets.
This is from the company that just made the Apple Vision Pro. I don't see any reason they couldn't do limited forays into enterprise.
I think more practically cars have adding driver assistance feature for a while now - more cameras, blind spot monitoring, ultrasound for parking, lane drift indicators.
It is therefore not unreasonable to assume that adding more sensors is helpful (but even the old adage of more data is better than less would probably say that).