search

hammad93 / time_crypt

A cryptographic function that enables decryption based on units of time or a deadline.
Creative Commons Zero v1.0 Universal
1 stars 0 forks source link

Safer languages #13

Closed hammad93 closed 4 months ago

hammad93 commented 6 months ago

This issue tracks whether it's still a good idea to use Python here because it's not memory safe. NIST recommends some of these here, https://www.nist.gov/itl/ssd/software-quality-group/safer-languages

Among them include Rust and stuff from Ada

hammad93 commented 4 months ago

This project is both research focused and the ability to run it securely in operations. By switching to another language, we are prioritizing the operations of the project which may reduce or eliminate all research capacity.

This pattern goes,

  1. Discover a theory to implement and attempt to integrate it into code
  2. Rejected because the software design restricts almost everything because of security
  3. Software becomes adandonware and ironically becomes less secure because it's broken

Although there are safer languages than Python, is it an unsafe language? Is it worth it to rewrite the entire codebase? Also, what kinds of security guarantees do these other languages have over Python?

There are aspects like memory and thread safety that need to be addressed, but it doesn't require rewriting the codebase into another programming language.