
Thanks Justine, you're doing the Lord's work here.

One of the best introductions I've seen to pledge() is Kristaps Dzonsons' writeup on it that you can find here [1]. The whole website in general is furthermore a guide on how to write webapps in C, which may sound like a crazy idea to some people who have written it off as everything from an elaborate joke to a security nightmare that nobody should ever consider doing [2], but for people like me who end up having to write that kind of code in constrained execution environments it's been extremely enlightening and I really appreciate knowing how to do it more securely. If pledge is something I can access in Linux it really helps me out for things in the future going forward, I hope to create some cool things with it!

[1] https://learnbchs.org/pledge.html

[2] https://learnbchs.org/



Awesome blog post! Writing web apps in C? That doesn't sound crazy to me. If someone told me they were doing that, then I'd just assume they're trying to compete with Google Search for the title of the world's lowest-latency high-performance scalable website. If pledge() makes you feel less guilty about going for the gold, then I'd say that's a good thing. You might also be interested in Cosmopolitan Libc's ASAN and UBSAN support. It does things like print memory diagrams with backtraces with malloc origin tracing if you do something like overrun a buffer or use a piece of memory after it's freed. ASAN has been one of the most important tools that Google used to find security issues in Chrome. So I put a lot of work into implementing greenfield support for it in Cosmo. In fact, ASAN is so important, that even languages like Rust need to use it, since it makes the unsafe keyword safe! So please try Cosmo's implementation and let me know what you think. I believe Cosmo has the highest quality ASAN implementation that's available to the open source community.


Yeah it's pretty much your best option (C or C++) when writing web apps for things like routers or for game consoles for example, which is the kind of use case I'm talking about. Your work here makes doing that so much easier and safer, which is really important considering how many routers are being exploited to be malicious these days.

It might take a little while to catch on in those use cases but I've been waiting for someone to nail the implementation for a while. It's hardly a surprise that you of all people got it down, I've been admiring your work for quite some time.

So how about those blog posts in Mayan Hieroglyphics?


> Yeah it's pretty much your best option (C or C++) when writing web apps for things like routers or for game consoles for example,

Why? This library obviously assumes you have an operating system running, so it's not that constrained of an environment.


Great question - you'd be surprised what kind of resource constraints these are running under which prevent the use of the execution overhead of scripted languages while focusing on routing things securely or being squeezed under the execution overhead of a 3D engine, and also what the manufacturers of game consoles actually allow you to run. For routers, they're running low-power processors like MIPS with very small memory and storage, so you want to squeeze every bit of performance out of them and if you can make the web application portion of it a few kilobytes rather than megabytes, this means a lot to the bottom line of the company building these things. As Justine (someone who works for this company) mentioned also, if you're trying to build a competitor to Google you're probably doing it in a stack like that to stay competitive. It's why you can get a new router for like $15 but your raspi with a full Debian stack on it can't handle heavy networking like VPN. It's also why your average C/C++ developer is making a lot more money than your average Joe writing stuff in scripted languages who's scared of these things.

PlayStation's SDKs in particular are a strictly C/C++ (and I think C# via Xamarin) environment, you're not going to be making games in something like Rust or Go for that platform. Lua is an exception - see what Justine does with redbean [1], it's very lean and meant for this kind of embedded use, but something with its own full networking stack built into it like Python? Forget about that if you want to spare your users the trouble. It may compile, some may use it in their internal scripting engines, but it's just a huge why would you do that to me and everyone else I personally know involved in doing that kind of development. If we're talking about security here as well, if you know the stack you wrote from top to bottom with very small (easier to audit), well-written libs, it's a lot more reliable to write your own if you're confident enough in these lower-level environments and using tooling for auditing (ASAN and UBSAN are real game changers as well), like what Justine mentioned here, than having to put up with some bug down the line in some interpreter you didn't write; issuing patches for every single user just to get the interpreter's implementation secure again is what you end up doing.

[1] https://redbean.dev/


Google search is a bunch of C++ code by circumstance, I'm sure it could be a bunch of Java and do just as well. A lot of Google's other properties are Java-based, so yeah. I haven't found a major difference in compensation between competent people who know different languages. Compensation bands at most companies are almost always tied to experience and role rather than language skills.


Google's use of Java came at enormous cost and aggravation of legal settlements to the tune of nearly 9 billion dollars on the line, however. [1] They won, but it would have had ugly implications for all of the rest of software if they had not. That was eleven years of legal wrangling where we were all wondering what the devil the outcome would be and for a while it was pretty ugly. The ultimate Supreme Court decision came as a surprise to many. Would you rather in their position ever do that again, especially in light of their new pay-for-play yearly subscription licensing scheme per computer for usage? [2] It's extremely limiting and costly for any organization to be tied to Oracle's product at this point.

As for salaries when looking at the data I stand somewhat corrected, you're probably right on compensation based on experience, too. It looks like the top three averages on the latest survey I can quickly find are Rust, Go, and Scala. [3]

[1] https://en.m.wikipedia.org/wiki/Google_LLC_v._Oracle_America....

[2] https://www.theregister.com/2022/03/22/oracle_starts_to_incl...

[3] https://www.zdnet.com/article/developer-jobs-and-programming...


> Google's use of Java came at enormous cost and aggravation of legal settlements to the tune of nearly 9 billion dollars on the line, however.

Google's use of Java in Android. I can't claim to know the exact details of how the company reacted to the lawsuit internally, but I will point suggestively at the fact that Google is still running most of their Java code in production and continues to write more, and their support for Java on Android stagnated at Java 8-ish and Kotlin is now heavily promoted as the language to write software for that platform.


Thanks for explaining. Please note I don't work for Google. I did four years ago.


I'll remember that in the future, apologies.


> In fact, ASAN is so important, that even languages like Rust need to use it

Yes…

> since it makes the unsafe keyword safe!

No. It's a debugging tool to help, but saying it makes the unsafe safe is a somewhat dangerous hyperbole.


[1] was discussed here:

Why pledge(2) or, how I learned to love web application sandboxing - https://news.ycombinator.com/item?id=13037442 - Nov 2016 (73 comments)



