Software Unscripted

Securing Evolving Software with Noah Hall

Sep 20, 2025
Noah Hall, a programming language creator and technical leader at Norway's largest news company, shares insights on the evolution of software. He discusses the benefits of moving from complex platforms like WordPress to simple HTML for increased security and lower maintenance. Noah dives into the trade-offs between building custom solutions and using frameworks, highlighting performance vs. security risks with examples like Spectre. He also examines the impact of generative AI on software development, balancing accessibility with governance needs.
INSIGHT

Rolling Releases Increase Supply-Chain Trust Risks

  • Rolling releases deliver performance and security gains quickly, but they require more trust in packagers and raise the risk of accidentally distributing compromised versions.
  • Staged stable releases reduce such supply-chain exposure at the cost of slower updates.
INSIGHT

Performance Gains Can Hide New Vulnerabilities

  • Performance-focused changes can unintentionally introduce security vulnerabilities, especially in low-level languages like C/C++.
  • Every upgrade bundles fixes and new risks, so evaluate changes beyond feature lists.
ANECDOTE

Bundled Crypto Avoids Unsafe Assembly

  • Rock added cryptographic algorithms to its standard library to avoid unsafe inline assembly and timing-attack pitfalls.
  • The team chose built-in vetted implementations instead of making the language memory-unsafe.