Closed taoeffect closed 8 years ago
There is also the option of using a language like Elm or ClojureScript or TypeScript and creating native desktop apps out of them using Electron or similar (& something like Cardova for mobile).
Changed title to just be "non-C++". I'll use this comment to list various safer (and interesting) languages Ricochet could be implemented in.
Meh. Ricochet should end up relatively isolated behind Tor. Is it using authenticated hidden services yet? If not, work on that first. If so, we're only facing attacks by contacts, so maybe a little quality time with valgrind
first.
As for alternative language choices :
Me and some friends have started implementing the ricochet protocol in Haskell. It was our project at JugendHackt Berlin (A hackathon) and we’re still working on it. You can take a look at it: https://github.com/Jugendhackt/haskell-ricochet
@shak-mar That's great news! Very cool stuff! :+1: Posted a tweet. :smile:
It's entirely possible to write secure software in C or C++. Ricochet is also focused on being usable secure software, which is part of the reason for using C++; Qt gives us the ability to write a decent user interface.
There are also some prototype Go implementations by others. Maybe we should collect these on a wiki page somewhere.
https://github.com/yawning/ricochet https://github.com/s-rah/go-ricochet
It's entirely possible to write secure software in C or C++.
No one said it wasn't possible. C and C++, however, make it far more likely that the software will have security related bugs, and just bugs in general.
Maybe we should collect these on a wiki page somewhere.
I think that's a great idea!
I've started one here: https://github.com/ricochet-im/ricochet/wiki/Third-Party-Implementations-of-the-Ricochet-Protocol
Are these just leveraging the control API and not running their own instance of Tor like richochet C++ client does?
C/C++ and security do not mix.
These languages are ancient, prone to vulnerabilities, and should be discarded for security-related projects.
Since Ricochet has defined a protocol, it makes it easier for someone to create an implementation in safer languages.