Back to Basics: Software Memory Safety

Last week, you probably read that the US White House released a report with general guidelines for safeguarding future software from cyberattacks. It specifically called out the programming languages C/C++ for memory-safety vulnerabilities and recommended moving away from them in the future. Let’s discuss what the problem is and why it matters.

Memory safety in programming refers to the practice of preventing memory-related errors and vulnerabilities that can lead to unpredictable behavior in programs running on any device out there, from PCs to phones to IoT devices to satellites. Anything that software can run on can be a potential problem. Memory-related errors can cause a range of issues, from unexpected crashes to attackers exploiting the flaw to steal or corrupt your data. Reports estimate that at least 70% of the security vulnerabilities in the last 30 years have been due to memory safety issues alone. Since the majority of the critical code written over the years is in C/C++, it’s a big deal to plug this issue.

C and C++ are notorious for not being memory-safe because of the way they were initially designed back in the day. Examples of memory errors: a pointer that points to a memory location that has been freed or is no longer valid; a program that allocates memory but forgets to deallocate it, which over time can exhaust the available memory; accessing array elements beyond the defined length of the array; and reading from or writing to uninitialized memory. C/C++ compilers don’t check for these errors at compile time. Since they are relatively hard to spot, the testing team reviewing the code might not find them either unless they are very experienced. There are talks about bringing these checks to C/C++, but I don’t think they can do that without breaking existing legacy stuff.
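The four error classes listed above, each paired with the manual check that the language leaves to the programmer. This is an added example, not code from the original post; `IntBuf` and the `buf_*` functions are hypothetical names made up for the illustration.

```c
#include <stddef.h>
#include <stdlib.h>

/* Hypothetical helper type: an int array that carries its own length. */
typedef struct {
    int *data;
    size_t len;
} IntBuf;

/* Uninitialized reads: calloc zero-fills, so every element has a defined
   value. malloc would leave the contents indeterminate. */
int buf_init(IntBuf *b, size_t len) {
    b->data = calloc(len, sizeof *b->data);
    b->len = b->data ? len : 0;
    return b->data ? 0 : -1;
}

/* Out-of-bounds access: a plain b->data[i] compiles for any i; this rejects
   i >= len. A freed buffer has data == NULL, so it is rejected as well. */
int buf_get(const IntBuf *b, size_t i, int *out) {
    if (b->data == NULL || i >= b->len)
        return -1;
    *out = b->data[i];
    return 0;
}

/* Leaks and dangling pointers: release the memory, then clear the pointer
   so later calls fail cleanly instead of touching freed memory. */
void buf_free(IntBuf *b) {
    free(b->data);      /* free(NULL) is a no-op, so a second call is harmless */
    b->data = NULL;
    b->len = 0;
}

/* Constructed walk-through: returns 0 only if every unsafe access was refused. */
int demo(void) {
    IntBuf b;
    int v = -1;
    if (buf_init(&b, 4) != 0) return 1;
    if (buf_get(&b, 0, &v) != 0 || v != 0) return 2;  /* zero-initialized */
    if (buf_get(&b, 4, &v) == 0) return 3;            /* one past the end */
    buf_free(&b);
    if (buf_get(&b, 3, &v) == 0) return 4;            /* use after free */
    buf_free(&b);                                     /* double free: safe */
    return 0;
}
```

None of these checks is enforced by the compiler: a copy of the struct made before `buf_free` still holds a dangling pointer, and nothing stops code from indexing `data` directly.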

So what’s the solution? Use newer programming languages like Rust, Go, C#, Java, Python, etc. It’s very hard to cause memory issues with these languages. Over the years you will see people switching for good, but legacy code will still be a problem, as C/C++ still gives you the best performance.


Tech Explained: Liquid damage detection in USB Type C Connector

The USB Implementers Forum (the group responsible for maintaining and promoting USB standards) released version r2.3 of the USB Type-C Cable and Connector Specification a couple of months ago. It has an interesting new feature that gives manufacturers the freedom to add a liquid detection pin to the standard USB Type-C connector. Although the standard doesn’t mandate the exact placement of the new pin/pads, it gives general guidelines on where they can be placed. Check images. There are two variations: a full-width pad running the entire length of the USB receptacle, and two small pads next to the VBUS and CC pins. The second one is placed in the areas where liquid corrosion is mostly found in the connectors. It will be present in both orientations.

Why is this a reasonably big deal? The USB Type-C connector is most likely going to be the single most common connector for virtually all human interaction interfaces for the next decade. A common failure point of this connector is liquid damage from spilled water, coffee, sweat, falling in water, etc. The liquid forms a bridge between the pins, and when power is applied (5V or the higher voltage modes that USB fast chargers support), exposed metal dissolves into free ions that migrate from one pin to another. This forms an oxide layer and creates the greenish stuff you find when there is corrosion. The result is improper connections or open circuits that ruin the connector. Along with the new liquid detection pin, they’ve made some changes to the USB protocol standard. Now, when liquid is detected (via impedance or leakage measurement), the controller won’t turn on the USB power switch for that pin. It will even show a software error as a reminder to clean the port. No power means no electrolysis or corrosion. So, your connector stays in top shape. Apple is already doing this with the Type-C connectors in iPhones. Thumbs up to them!
