the primary source of this is annoyingly hard to track down for legislation that passed Congress and was signed by the President.

it turns out that’s because it was part of H.R.815 - “Making emergency supplemental appropriations for the fiscal year ending September 30, 2024, and for other purposes.”

if you want to read the actual text of the law, this PDF starting on page 61.

the gist is that it’s illegal to:

Providing services to distribute, maintain, or update such foreign adversary controlled application (including any source code of such application) by means of a marketplace (including an online mobile application store) through which users within the land or maritime borders of the United States may access, maintain, or update such application.

everyone calls this a “ban on TikTok” and it kinda annoys the shit out of me, because as far as I can tell, the website tiktok.com is probably still going to be available in the US.

what this law actually does is require Google and Apple to remove TikTok from their app stores, for US-based users. and makes them subject to a fine of $5000 per user if they don’t comply.

I’m generally in favor of more regulation of tech companies…but this is a really fucking stupid way to do it.

oh golly why would anyone do such a thing

here’s a totally unrelated news article from about a year ago: UnitedHealth uses AI model with 90% error rate to deny care, lawsuit alleges

you read a post about how awesome C is, asking why more people don’t use it and instead gravitate towards replacements.

you ctrl-F for “security” - no mention

“buffer overflow” - nope

“memory safety” - nothing

“undefined behavior” - nada

this is sort of a reverse Chesterton’s Fence situation. the fence is getting replaced, and you’re talking about how great the old fence was, without understanding any of the actual problems it had.

you wrote some C and found it simple? OK, great, congratulations.

go work on a C codebase that spans 100 or more engineers all contributing to it.

go write some C code that listens on a TCP socket and has to deserialize potentially-malicious data received from the public internet.

go write some C code that will be used on an aircraft and has to comply with DO-178C.

and so on. after you’ve done that, come back here and tell us if you still think it’s “simple and effective” and “applicable everywhere”.

there is a reason C has stood the test of time over many decades. but there is also a reason it is being replaced with more modern languages.