Keynote: Safety and Security: The Future of C and C++ - Robert Seacord. - NDC TechTown 2023

This talk was recorded at NDC Techtown in Kongsberg, Norway. #ndctechtown #ndcconferences #cplusplus #security #softwaredeveloper

Safety and security are viewed as an existential threat by the C++ community and "business as usual" by the C community.

This keynote discussed the requirements for developing safety-critical and security-critical software in C and C++, approaches to meeting these requirements, and the future of C and C++ in these domains.
Comments

A superb talk. I wish I could have attended. It must be hard work if presenting to a lack-lustre, unresponsive audience. Robert made so many excellent points. Thanks!

tractorboy

Great talk Robert!! There’s a lot of wisdom and insight to learn from someone who’s been doing this for 20 years and is looking to solve underlying challenges.

christiangalvan

The community mentality resonated a lot with my experience with coworkers. I don't blame them; that's how they were taught. But this talk is surely something I can show them.

NotherPleb

12:10 This might be UB even without overflow. The result of adding an integer to a pointer must point to an element from the same array or at most one element past it. And if it's, let's say, two elements past the end of the array, it's UB already even without overflow.

bmazi
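
The point raised in the comment above, as an added example (not code from the talk, its slides or the commenter): a bounds check that compares the requested length with the remaining space, so no out-of-range pointer is ever formed. The names `range_fits` and `bounded_read` and the sample buffer are hypothetical and constructed for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/*
 * Pointer-arithmetic form, shown only as a comment to mark what is avoided:
 *     if (cur + len < cur || cur + len > end) reject();
 * Forming cur + len is undefined once the result lies more than one element
 * past the end of the array, so a compiler may assume the wrap test is
 * always false and remove it.
 */

/*
 * Defined form. Assumes cur and end point into the same array (end may be
 * one past the last element), which makes end - cur a valid subtraction.
 */
bool range_fits(const char *cur, const char *end, size_t len)
{
    if (cur == NULL || end == NULL || cur > end)
        return false;
    return len <= (size_t)(end - cur);
}

/* Copy len bytes starting at off only when the whole range is in bounds. */
size_t bounded_read(const char *buf, size_t buf_size, size_t off,
                    size_t len, char *out)
{
    /* off is validated first, so buf + off stays within [buf, buf + size]. */
    if (off > buf_size || !range_fits(buf + off, buf + buf_size, len))
        return 0;
    for (size_t i = 0; i < len; i++)
        out[i] = buf[off + i];
    return len;
}

int main(void)
{
    char buf[16] = "sample";   /* constructed input */
    char out[16];

    printf("in range:  %zu\n", bounded_read(buf, sizeof buf, 0, 6, out));
    printf("too long:  %zu\n", bounded_read(buf, sizeof buf, 12, 8, out));
    printf("huge len:  %d\n", range_fits(buf + 8, buf + 16, (size_t)-1));
    return 0;
}
```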

I sympathise with the conclusion of this talk. I think C is just fine, it's a small, simple, performant language that has fulfilled its reason for being very well, that being enabling Unix to escape from assembler into a portable language. C can continue to fill such roles. C should stay simple, such that, say, one man can write a C compiler in a reasonable time frame. I'm sure there are some aspects of undefined behaviours that can be tightened up a bit though.

Meanwhile C++ is an out of control, giant monster forever gaining more ugly and unwieldy warts (features). There is no hope of ever making it a "safe" language in which to write robust, reliable software. As a language at a much higher level than C, we have many better alternatives today.

Heater-v..

So what happened? Back in the 1980s/90s we had the Ada language for those that wanted to create robust, reliable software. Then everyone decided to drop it in favour of the extremely error prone C and C++. I think it would be very good to get back to those expectations of quality that we had in the Ada days and the ALGOL days before that. To that end we have the likes of Rust tackling the problem.

Heater-v..

IMHO the conclusion is too optimistic. C could become an obscure legacy language quite fast, like COBOL, because nobody wants to program in it. There are plenty of more DX-friendly options now.

doBobro

Awesome talk! Thanks for sharing, always enjoy hearing Robert talk. Hope to meet IRL someday.

deadbeefmonster

Is this pointer + size integer overflow actually relevant on any OS today with 64 bit, esp. when the processor only uses 48 bits of the address? Was it even relevant on 32-bit OSes? And then still an overflow into the "good" area could happen, giving potentially a logic error.
Do buffer overflows still have a relevant impact in current software quality?
Isn't the obsession with ultimate "safety" on an isolated aspect leading to the ignorance of the whole picture and other, more pragmatic safety issues?

raymundhofmann