[erlang-questions] Erlang VM in Rust
Sat Sep 23 09:09:19 CEST 2017
> Joe you are still ignoring the elephant in the room that C is a
> memory-unsafe programming language and that you are suggesting putting it
> in IoT stuff. That's a security disaster waiting to happen.
These days I am getting a little confused about what "IoT" actually
means. I thought it was lots of small devices, but the last couple
of talks I've view seem to take it as synonymous with the cloud.
Let's go with the first definition: talking teddy bears, internet-
connected lightbulbs, sensors using MPS430 CPUs and the like.
All the "IoT" operating systems I know of are written in C
(like Zephyr and RIOT) or C++ (like mbed OS). Putting C in
IoT stuff is not a new suggestion. (Nor is the claim that
it's the internet of insecure things new (:-).)
Joe was explicitly talking about much as much as practically
possible to Erlang, reducing the amount of C to perhaps just
the emulator. C was originally designed for small systems
(MPS430 size, in fact) where it was possible for one person
to read all the code carefully in a reasonable time.
I note that there are a number of tools to dramatically
improve the reliability of C programs. For just one
example, there is the "Memory-Safe C compiler".
(It's remarkable how many let's-make-C-better tools have
been developed in CAML.)
There's even a memory safety checker nesCheck for the
nesC C-like language used with TinyOS.
I could sit here all night citing papers about static
and dynamic checkers and verifiers for C. "In C" and
"in a memory-safe language" do NOT have to be exclusive
More information about the erlang-questions