Daily Shaarli
February 18, 2026
Does anyone want to tell Linus Torvalds? No? I didn't think so. //
The report on Product Security Bad Practices warns software manufacturers about developing "new product lines for use in service of critical infrastructure or [national critical functions] NCFs in a memory-unsafe language (eg, C or C++) where there are readily available alternative memory-safe languages that could be used is dangerous and significantly elevates risk to national security, national economic security, and national public health and safety."
In short, don't use C or C++. Yeah, that's going to happen.
If this sounds familiar, it's because CISA has been preaching on this point for years.
Some adults over 40 have shoulder pain, but nearly all have “abnormal” joints. //
The authors argue that the findings suggest clinicians should rethink MRI findings, changing not just how they’re used, but also how they’re explained to patients. The language in particular should change given that “abnormalities” are ubiquitous—thus normal—and shouldn’t be described in terms that indicate a need for repair, like “tear.”
“While we refer to these findings as abnormalities, many likely represent normal age-related changes rather than clinically relevant structural changes,” the authors write. “Adopting more precise and less value-laden terminology—such as lesion, defect, fraying, disruption, structural alteration, or degeneration—may help reduce patient anxiety and the perceived need to do something or fix something by avoiding language that implies trauma or a requirement for repair.”
Rust is one component of it. Adopt it, forbid the "unsafe" keyword, and in theory you end up with code far less prone to memory mis-use errors.
However, when one looks at today's hardware, MELTDOWN / SPECTRE and similar are all about memory misuse / mishandling within CPUs. And it's interesting to consider what can be done about that. There have been articles here on El Reg on the topic of the need to get rid of C in the hardware sense too. C / C++ and today's libraries for them all assume that it's running on a Symmetric Multi Processing hardware environment (for multicore hardware). But, the hardware hasn't actually looked like that for decades; SMP is a synthetic hardware environment built on top of things like QPI, or HyperTransport (or newer equivalents), and these cache-coherency networks are what is causing MELTDOWN / SPECTRE faults which the CPU designers are seemingly powerless to fix. Apple's own silicon has recently been found to have such faults - they're unfixable in M1, M2, and they've not disabled the miscreant feature in M3 even though they can.
So, it looks like we should be getting rid of SMP. That would leave us with - NUMA.
We've had such systems before - Transputers are one such example. //
Shared Memory is, Today, no Different to Copied Memory
The classic "don't copy data, send a pointer to data if you want it to be fast" is a maxim that should have died decades ago. It was only ever true in actual SMP environments like Intel's NetBurst of the 1990s.
Today, for one core to access data in memory attached to a different core, pretty much the same microelectronic transactions have to take place as would be required to simply copy the data.
Ts'o, Hohndel and the man himself spill beans on how checks in the mail and GPL made it all possible
A team of neuroscientists at Carnegie Mellon and the University of Pittsburgh have discovered that when the prize gets too big — like Olympic gold — the brain becomes overly cautious, slowing down the neuron activity that prepares the body for motor movements the body usually does smoothly and without hesitation. //
But even before these findings, scientists had figured out that overthinking destroys an athlete’s normal fluidity.
Contrary to what password managers say, a server compromise can mean game over.