Connect with us


The creator of C++ criticizes an NSA report that defends the superiority of ‘safe languages’ like Rust

Two years ago, Google claimed that the 70% of high severity vulnerabilities in Android were due to memory errors in C and C++ languages that continue to form the basis of the mobile operating system. That data was raised as the reason to then introduce Rust in the development of Android.

Last November, The US National Security Agency (NSA) released a brief report titled ‘Software Memory Safety’ (PDF) in which he explicitly recommended to stop using the ancient (and very popular) programming languages ​​C and C++ in favor of ‘languages ​​with safe memory management’, whose best-known examples would be C#, Java, Ruby or the booming Rust.

But now the Open Standards Project portal has published a document (PDF) that answer the one from the NSAtitled “A call to action: think seriously about security and then do something sensible about it”; its author is none other than Bjarne Stroustrup, a Danish computer professor who created the C++ language in 1979. In this response to the original report, our protagonist launches into an argument against what he perceives as an oversimplification on the part of the US federal agency:

“Now if I considered one of those ‘safe’ languages ​​to be superior to C++ for the range of uses I’m interested in, I wouldn’t view the demise of C/C++ as a negative, but that’s not the case. As described [por la NSA] ‘safe’ is limited to the safety of memory, leaving out a dozen different ways a language could (and will) be used to violate any kind of protection.”

This is the free course that Google uses to learn the Rust language.  You can also do it freely

The programmer career in 2017 and in the future (with Javier Santana)

“There is no single definition of security”

Stroustrup is clear that “ignoring security issues would harm large sections of the C++ community and it would undermine a lot of the rest of the work we’re doing to improve C++”, but for that reason he proposes not to give in to those who see Rust and co. as the solution to such problems: “we can achieve various kinds of security through a mix of programming styles, add-on libraries, and static analysis applications“.

An example of such libraries would be SLIMalloc, which according to its author makes C a language “more secure than ‘memory-safe’ languages”. The C++ creator also mentions another document of his authorship (PDF) that “provides a brief summary of the process” that he proposes.

Submits that a static analyzer that adheres to the basic C++ guidelines developed in recent years can ensure code security at a much lower cost than needed to start a code transition to new languages. Some of these guidelines have already been implemented in the static analyzer of MS Visual Studio, or in the Clang-Tidy.

C++ has been the programming language of 2022, according to TIOBE: eight best courses to learn it for free from 0

He also points out that if we work in application domains that prioritize performance over type safety, they could “apply security guarantees only when necessary and use our favorite tuning techniques” in all other cases.

Similarly, Stroustrup states that

“Unfortunately, much of C++ code is stuck in the distant past, ignoring improvements, including ways to drastically improve security. [Pero] billions of lines of C++ code aren’t going to magically disappear, and even ‘safe’ code (in any language) will have to call or be called by traditional C or C++ code that offers no specific security guarantees.”

Via | slash dot

Image | Based on original by TheTrueAPlus (via Wikipedia)

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *


It’s a scam and in the end only you pay

Job offers promising high wages for 20 minutes of work a day; and, furthermore, with a multinational and recognizable company behind it, such as Amazon. It could only get better if, instead of you trying to convince them to hire you, company representatives contact you to encourage you to work with them.

Sounds good? Too good to be true, specifically? Well, that’s because it’s not even close to true. This is the umpteenth online scam in which in the end the only one who pays money is you.

During the second half of last year, several Latin American media (from countries like Mexico, Argentina, Bolivia or Colombia) echoed a campaign of sending messages through WhatsApp in which a “Amazon project business manager” introduced himself claiming to be hiring a “part-time” team, specifically “10 to 20 minutes”. Wow, the days are short on the other side of the Atlantic.


The scam jumps the puddle

But now, the scam has crossed the ocean and the “commercial manager” is no longer the one who contacts the potential “signings” of the company, but the person who writes to us identifies himself as ‘Amazon platform receptionist’. Another version of the message, more impersonal, only notifies us that “Amazone Commerce recruits employees online.” Yeah, amazon.

The INCIBE warns of new phishing in Spain: you sign up for a job offer and you may end up involved in something illegal

The salary varies between “8-500” (8,500? Between 8 and 500?) US dollars for one version of the message and 36,000-240,000 ‘CLP’ (abbreviation for Chilean pesos) for the other. What does not change is the length of the working day: 20 minutes a day.

Do not trust unsolicited messages, job offers you have not applied for, or links to web domains that do not match the official one

In the message from ‘Amazone Commerce’ we are not even told what the job consists of, but we are offered to click on the “Whatsapp customer service link to start earning money”. Leaving aside that We don’t know what WhatsApp looks like in this, the truth is that the URL (from domain ‘’) provides little security.

In the other version of the message, the receptionist tells us that the job is to help her “process Amazon orders,” and then explains that the company “need different IP addresses to help the store increase sales and exposure”.


The two versions of the message that are being distributed (Image via


In any case, if we answer that we are interested, we are encouraged to continue the conversation on the Telegram application. There we will be told that we are perfect for the job (once we have confirmed we have credit card), we will be asked to create an account on a platform without any connection to Amazon (‘’) and send a screenshot to show that we have met that requirement.

It is there where the ‘contracted’ user will begin to carry out tasks of 20 minutes a day for which theoretically they are going to pay us, but then the scammers will try to convince the now scammed to enter small amounts of money to be returned with commissions


‘Work’ interview via Telegram (Image via

…until the victim reaches a certain amount of money deposited and at that moment you lose access to the platformwithout the possibility of contacting anyone to demand the return of the money.

Amazon is a regular target of impersonators from Internet companies and, of course, has nothing to do with these messages. In fact, the company warns that they never use messaging applications for work communications.

Via |

Image | Xataka Mexico

In Xataka | The web has been filled with ghost job offers (and for companies it makes all the sense in the world)

Continue Reading


The Police warn of the danger we expose ourselves to when we scan QR codes in any bar or restaurant

One of the most visible and lasting consequences of the pandemic has little to do with the health field; We are talking about the rise of QR codes in all kinds of bars and restaurants. In a short time, they went from being an exotic resource to being available in many places and now, when even masks are part of the past, these particular graphics continue to be an alternative or complement to the physical menu.

The most common thing for a QR code is to use it as a ‘bridge’ to access the web version of the letter or menu from our mobile device (most already integrate the function of scanning QRs into the Camera application). In other cases, you can direct us instead to the mobile app of the venue, to a simple text, or to an event or geographic coordinates.

In any case, create and print a QR that redirects to any online resource we want is something that is in the hands of literally anyone. And so, Despite its many advantages, it also opens an obvious door for malicious uses.. And forces us to have so much be careful when scanning a QR code like the one we have when clicking on a link in an e-mail or SMS.

Ransomware: what it is, how it infects and how to protect yourself

Police advise you to be careful what you scan

For this reason, the Police have begun to spread, from their TikTok account, recommendations to keep a close eye on what we scan with our smartphone:

“Sometimes these codes can be malicious, and can download viruses or any type of malware to your device.”

“If you want to be totally safe, install software that detects them.”

QR codes and their privacy risks: when even scanning a simple menu can make it easier for us to be tracked

If you don’t know which software to install, you can take a look at this recommendation of the 9 best antivirus for mobiles in Xataka Android.

But of course, Downloading malware isn’t the only bad thing What can happen to us if we come across a malicious QR. There is always the possibility of falling for a phishing attack, in which we are sent to a website that supplants that of the place where we find it, or that of a financial institution or payment gateway:

“Be very careful if they ask you for any personal data on the web you access. And activate all the alerts if they ask you for any amount of money.”

And finally, we cannot assume that it is a legitimate QR just because “it is in a restaurant”… because a third party may have given him the ‘big change’. This is what the police say about it:

“If you find it in any bar or cafeteria, before scanning it, make sure that it is not a sticker stuck on the original QR”.

“If you have any kind of doubt, consult the establishment. And if you are a victim, report it.”


Attention with the #QR codes 👀 #police #tips #seguridad #aprendeentiktok

♬ SUN GOES DOWN – Andreas Roehrig

Image | Bing Image Creator

In Genbeta | 16 tips from the AEPD to better protect ourselves against tracking our steps on the Internet


Continue Reading


This old shortcut clears your entire screen on any version of Windows. And it returns it to its state with pressing it again

When using a computer, regardless of the operating system you have, there are two types of people: those who are highly organized and cannot have more than two windows open at the same time, and others who open many programs or tabs simultaneously, causing Chaos reigns on the desktop. But for these latter people, there are some keyboard shortcuts that can be really useful to be able to clear the chaotic view they have on the screen in a few seconds.

And it is that when you have many windows open from the browser or from another program, seeing the desktop again is a cumbersome task. The first thing that occurs to you is minimize each of the windowsbut this is a tedious process, especially when you spend many hours without closing anything.


Windows + D: the keyboard shortcut that will bring order to your desktop

To be able to do it in a much faster way, you can resort to the very productive keyboard shortcuts. Although many of them are unknown, and we only stick to the classic copy and paste, the truth is that They have great potential for day to day of anyone.

Key G6563da8b4 1280

And for this action of minimizing all the windows on the desktop, there is an old shortcut that will perfectly fulfill this task and that works exactly the same in all versions of Windows. We talk specifically about Windows + D keyboard shortcut.

By pressing this key combination, all the windows that you have open will be minimized to be able to consult that file that you have on your desktop and that you needed to consult quickly. But in case you need to return to the chaotic state with all windows open, You will be able to do it by pressing this keyboard shortcut again.

My favorite Windows keyboard shortcut for finding many useful tools and traveling back in time

In addition to the shortcut, we must also remember the possibility of pressing on the right side of the taskbar in the latest versions of Windows. By clicking on this end you will be able to achieve exactly the same as with the keyboard shortcut when clearing your screen, but also by clicking on it again you can leave it as at the beginning.

Photos | Daniel Agrelo, AnonymAT

In Genbeta | These are the best keyboard shortcuts for Windows 11

Continue Reading