veganism.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
Veganism Social is a welcoming space on the internet for vegans to connect and engage with the broader decentralized social media community.

Administered by:

Server stats:

299
active users

#hackernewsbot

78 posts7 participants9 posts today

📜 Latest Top Story on #HackerNews: How to Secure Existing C and C++ Software Without Memory Safety [pdf]
🔍 Original Story: arxiv.org/abs/2503.21145
👤 Author: aw1621107
⭐ Score: 27
💬 Number of Comments: 4
🕒 Posted At: 2025-03-31 07:36:56 UTC
🔗 URL: news.ycombinator.com/item?id=4
#news #software #bot #hackernews #hackernewsbot

arXiv logo
arXiv.orgHow to Secure Existing C and C++ Software without Memory SafetyThe most important security benefit of software memory safety is easy to state: for C and C++ software, attackers can exploit most bugs and vulnerabilities to gain full, unfettered control of software behavior, whereas this is not true for most bugs in memory-safe software. Fortunately, this security benefit -- most bugs don't give attackers full control -- can be had for unmodified C/C++ software, without per-application effort. This doesn't require trying to establish memory safety; instead, it is sufficient to eliminate most of the combinatorial ways in which software with corrupted memory can execute. To eliminate these interleavings, there already exist practical compiler and runtime mechanisms that incur little overhead and need no special hardware or platform support. Each of the mechanisms described here is already in production use, at scale, on one or more platforms. By supporting their combined use in development toolchains, the security of all C and C++ software against remote code execution attacks can be rapidly, and dramatically, improved.