posted by chromas on Monday April 09 2018, @06:12PM   Printer-friendly
from the (unsigned⠀int) dept.

https://www.theregister.co.uk/2018/04/04/microsoft_windows_defender_rar_bug/

A remote-code execution vulnerability in Windows Defender – a flaw that can be exploited by malicious .rar files to run malware on PCs – has been traced back to an open-source archiving tool Microsoft adopted for its own use.

[...] Apparently, Microsoft forked that version of unrar and incorporated the component into its operating system's antivirus engine. That forked code was then modified so that all signed integer variables were converted to unsigned variables, causing knock-on problems with mathematical comparisons. This in turn left the software vulnerable to memory corruption errors, which can crash the antivirus package or allow malicious code to potentially execute.
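To make the "signed to unsigned" failure mode concrete, here is an added example (my own constructed code, not unrar's and not Microsoft's fork) of an archive-offset bounds check written three ways. The field names, the 64-byte buffer and the input value 0xFFFFFFFF are assumptions chosen for illustration. The first function is the signed original, whose negative-value guard works; the second is the same text after a blanket conversion to unsigned, where that guard becomes dead code and the addition wraps, so the same input bits now pass; the third is a form that is correct for unsigned types because it never adds before comparing.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed scenario: `offset` and `len` are 32-bit fields read from an
 * untrusted archive header and used to index a decode buffer of BUF_SIZE
 * bytes. The bit pattern 0xFFFFFFFF is -1 as int32_t. */
#define BUF_SIZE 64u

/* Style 1 (hypothetical original): signed fields with an explicit negative
 * guard. Assumes offset + len fits in int32_t, which holds once both are
 * known non-negative and bufsize is small. */
bool check_signed(int32_t offset, int32_t len, int32_t bufsize) {
    if (offset < 0 || len < 0)
        return false;                  /* rejects -1, the wrapped value */
    if (offset + len > bufsize)
        return false;
    return true;
}

/* Style 2: the same check after every int became unsigned. The `< 0` guard
 * can never be true (compilers flag it with -Wextra), and the addition now
 * wraps modulo 2^32, so 0xFFFFFFFF + 4 == 3, which is "within bounds". */
bool check_unsigned(uint32_t offset, uint32_t len, uint32_t bufsize) {
    if (offset < 0 || len < 0)
        return false;                  /* dead code after the conversion */
    if (offset + len > bufsize)
        return false;                  /* wraps for large offset */
    return true;
}

/* Style 3: correct for unsigned operands. Comparing before subtracting
 * means no expression can wrap, so a huge offset is rejected outright. */
bool check_hardened(uint32_t offset, uint32_t len, uint32_t bufsize) {
    if (offset > bufsize)
        return false;
    if (len > bufsize - offset)        /* bufsize - offset cannot underflow */
        return false;
    return true;
}

/* Simulated read: returns the byte at buf[offset] only if the hardened
 * check passes, otherwise -1. Stands in for the real copy/decode step. */
int guarded_read(const uint8_t *buf, uint32_t bufsize,
                 uint32_t offset, uint32_t len) {
    if (!check_hardened(offset, len, bufsize))
        return -1;
    return buf[offset];
}

int main(void) {
    uint8_t buf[BUF_SIZE] = {0};
    buf[60] = 0x41;                                   /* constructed data */
    uint32_t raw = 0xFFFFFFFFu;                       /* crafted header field */

    printf("signed   : %s\n", check_signed((int32_t)raw, 4, (int32_t)BUF_SIZE) ? "accept" : "reject");
    printf("unsigned : %s\n", check_unsigned(raw, 4, BUF_SIZE) ? "accept" : "reject");
    printf("hardened : %s\n", check_hardened(raw, 4, BUF_SIZE) ? "accept" : "reject");
    printf("guarded_read(60,4) = %d\n", guarded_read(buf, BUF_SIZE, 60, 4));
    printf("guarded_read(60,8) = %d\n", guarded_read(buf, BUF_SIZE, 60, 8));
    return 0;
}
```

The lesson for reviewers of such a type change is that a signed guard and an unsigned guard are not interchangeable: once a field is unsigned, `x < 0` is dead and any `a + b > limit` form must be rewritten as `a > limit || b > limit - a`. Build with `-Wextra` (or `-Wtype-limits`) so the dead comparison is at least reported.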

  • (Score: 2) by DannyB (5839) Subscriber Badge on Tuesday April 10 2018, @01:26PM (#664930) Journal

    First, I think we live in different worlds. You are thinking close to the hardware. I'm thinking in terms of higher and higher level abstractions away from the hardware.

    Your argument seems to be that Java is limited in capability. And that if people work hard enough they can learn to use C++ safely. That simply repeats the ancient Assembly language vs FORTRAN debates of decades ago, and we know how the high level language vs Assembly debate turned out: in favor of high level languages despite their inefficiency.

    My argument was that you should not be able to shoot yourself in the foot unless you go out of your way to do so. It should not be possible to accidentally shoot yourself in the foot.

    As for limited in capability, I'll grant you that Java is definitely not a language for writing an OS, device drivers, and microcontroller code. I think I already made that abundantly clear. But for a language of "limited capability", it has libraries to do everything, and has been the #1 language on TIOBE and other language indexes for jobs for years and years now. Java is used in banks, even for high speed trading.

    The fact that Java is so widely used must mean that it has something going for it. You might not recognize what that is, nor even like it. But it is very real. If there were one perfect programming language, everyone would be using it already.

    I already mentioned that when arguing about runtime costs, you should be optimizing for dollars. For more memory and CPU, I get amazing runtime monitoring, dynamic class reloading, garbage collection, highly optimized compilation to native code -- for the SPECIFIC processor that we're running on at runtime, not just some generic ahead-of-time compilation to generic amd64 that will run on all processors. In short, for those machine costs you are so concerned with, I get huge business and productivity benefits. More memory and CPU is a cheap price to pay. You're thinking too low level -- for application code. But again, C / C++ are great for low level code. Just not for applications.

    --
    To transfer files: right-click on file, pick Copy. Unplug mouse, plug mouse into other computer. Right-click, paste.