Speaking from firsthand experience: codec and other media processing libraries are some of the easiest software to find address leaks in.

(There are a number of reasons for this, not least being that C makes it very easy to ship partially initialized memory over the wire.)
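An added illustration of the point in the comment above, not code from any commenter or from a real codec: a record is built in reused memory, then serialized once by copying the raw object and once field by field. The struct, the function names and the 0xAA "stale" marker are all constructed for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define STALE    0xAA  /* constructed marker standing in for leftover memory contents */
#define WIRE_LEN 38    /* 4 + 2 + 32 bytes, the explicit wire layout used below */

struct track_info {    /* hypothetical record, not taken from any real library */
    uint32_t sample_rate;
    uint16_t channels;
    char     title[32];
};

/* Sets only the bytes the caller cares about; title[] past the terminator
 * (and any padding) keeps whatever the memory held before. */
static void fill(struct track_info *t, const char *title) {
    size_t n = strlen(title);
    if (n >= sizeof t->title) n = sizeof t->title - 1;
    t->sample_rate = 44100; t->channels = 2;
    memcpy(t->title, title, n);
    t->title[n] = '\0';
}

/* Leaky: ships the raw object, stale bytes included. */
size_t serialize_leaky(const struct track_info *t, uint8_t *wire) {
    memcpy(wire, t, sizeof *t);
    return sizeof *t;
}

/* Hardened: zero the output, then write each field explicitly (big-endian). */
size_t serialize_clean(const struct track_info *t, uint8_t *wire) {
    const char *end = memchr(t->title, 0, sizeof t->title);
    size_t n = end ? (size_t)(end - t->title) : sizeof t->title;
    memset(wire, 0, WIRE_LEN);
    for (int i = 0; i < 4; i++) wire[i] = (uint8_t)(t->sample_rate >> (24 - 8 * i));
    wire[4] = (uint8_t)(t->channels >> 8); wire[5] = (uint8_t)t->channels;
    memcpy(wire + 6, t->title, n);
    return WIRE_LEN;
}

/* Builds the record in memory pre-filled with STALE and returns how many
 * stale bytes reach the wire. */
size_t leaked_bytes(int hardened) {
    struct track_info rec; uint8_t wire[64]; size_t leaked = 0;
    memset(&rec, STALE, sizeof rec);          /* simulate reused stack/heap memory */
    fill(&rec, "intro");
    size_t n = hardened ? serialize_clean(&rec, wire) : serialize_leaky(&rec, wire);
    for (size_t i = 0; i < n; i++) leaked += (wire[i] == STALE);
    return leaked;
}

int main(void) { printf("leaky=%zu clean=%zu\n", leaked_bytes(0), leaked_bytes(1)); return 0; }
```

In a real process the stale bytes would be whatever last occupied that memory, which is how such copies end up disclosing pointers.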

Speed and security are not good bedfellows. Combine that with really shitty standards and dozens of years of development...

Oh, and licensing. Licensing is the real killer. I could just write my own mp3 decoder easily (the format not the file type) but I'm not gonna risk my company getting sued into the ground by doing that.

    > I could just write my own mp3 decoder easily (the format not the file type) but I'm not gonna risk my company getting sued into the ground by doing that.
I am confused.

    > The MP3 format is now patent-free and requires no licensing fees to distribute or use. Fraunhofer IIS and Technicolor officially terminated their MP3 licensing programs, with all core patents having expired. Anyone can encode, decode, and distribute MP3 files or software without paying royalties.
Ref: https://forum.gamemaker.io/index.php?threads/do-you-still-ha...

Ref: https://www.reddit.com/r/gamedev/comments/5stq8z/mp3_licensi...

Ref: https://www.audioblog.iis.fraunhofer.com/mp3-software-patent...

Sorry, I was painting a broad image. I'm also worried about copyright infringement, discovery, someone switching to a different different that requires glpl, etc.

I don’t think this is necessarily true! Constraints can be liberating: a language that allows strong encoding of invariants makes it easier for the language’s compiler to optimize.

I agree about long periods of development and difficult standards, though.