Rust certainly isn't perfect for everything, but for low-level code, including firmware, I am not aware of any better languages at this time. You get all the control you need, and the biggest class of bugs and vulnerabilities is prevented at compile time.
Rewriting complex code bases from scratch is not a good idea for stability, and therefore the piece-by-piece conversion really seems like the best way forward if you have a lot of C/C++ legacy code (and no, there is no practical solution to make that code safer without changing to a memory-safe language in the process, whichever one it may be).
This post by @lozano gives excellent practical advice on how to do that.
https://infosec.exchange/@lozano/113080200541762841
=> More informations about this toot | More toots from rene_mobile@infosec.exchange
@rene_mobile @pmdj Apple would probably put a good shout in for Swift given they’re already using it for low level stuff (IIRC the Secure Enclave firmware on Apple Silicon devices is written in Swift now)
=> More informations about this toot | More toots from pilky@mastodon.social