Biden administration calls for developers to embrace memory-safe programing languages and move away from those that cause buffer overflows and other memory access vulnerabilities.

White House urges developers to dump C and C++::Biden administration calls for developers to embrace memory-safe programing languages and move away from those that cause buffer overflows and other memory access vulnerabilities.

  • OutrageousUmpire@lemmy.worldEnglish
    374·
    1 year ago

    I’m not sure what to think about this. It’s bizarre, the White House making any recommendations on programming languages.

    They’re definitely not seen as an authority in this field. Why would anyone care what recommendation they make? And so why make one at all?

    • mox@lemmy.sdf.orgEnglish
      31·
      1 year ago

      They’re definitely not seen as an authority in this field. Why would anyone care what recommendation they make?

      It’s possible that they are acting on the advice of advisors who are authorities in this field.

      And so why make one at all?

      I expect it’s because information and industrial security are components of national security, which is of great concern to them, and those things depend on software.

      I’m not surprised to see this, given that state-sponsored electronic attacks are on the rise these days.

    • someacnt_@lemmy.worldEnglish
      8·
      1 year ago

      There have been words around this, like how software should be safe by design, but the regulation should come from the governing entity. This is simply materialized now, but there has been momentum.

      • rottingleaf@lemmy.zipEnglish
        2·
        1 year ago

        It’s a hard sacrifice to make, but if that means killing Windows, then mwahahaha… I mean, MS’s power lies in supporting all that legacy.

    • AA5B@lemmy.worldEnglish
      0·
      1 year ago

      Damn, it’s been like 25 years since I touched either of those. Aside from OS development, do people really do that anymore?

      • ArmainAP@programming.devEnglish
        1·
        1 year ago

        C++ is also the standard in game dev. You may see some C# here and there, but most engines, public available or otherwise, are built on C++.

        If it is a AAA game, I can assure you it is most likely made with C++.

  • omega_x3@lemmy.worldEnglish
    24·
    1 year ago

    Team Fortran raise up, but not too fast our old bones aren’t as strong as they used to be.

  • ben@lemmy.zipEnglish
    242·
    1 year ago

    Probably a good idea, plenty of languages out there that can give good performance while being memory safe nowadays.

    • hagelslager@feddit.nlEnglish
      4·
      1 year ago

      Such as? (Non-programmer here, so I don’t know the ins and outs of programming languages.)

      • ben@lemmy.zipEnglish
        7·
        1 year ago

        Zig and Rust come to mind, at least for replacements for low level languages.

        • scharf_2x40@lemmy.worldEnglish
          5·
          1 year ago

          Isn’t that only microsoft exclusive and closed source? Also does compiling it really yield the same speed as C, it is garbage collected isn’t it?

          • 𝒍𝒆𝒎𝒂𝒏𝒏@lemmy.dbzer0.comEnglish
            5·
            1 year ago

            Was always possible to compile+run C# on Linux using the Mono project. Until Microsoft “bought them out” and created .NET Core, a cross platform version of .NET that MS now encourages people to use instead…

            Microsoft’s new linux compile tools rub me the wrong way slightly, with the telemetry that’s opt-in by default.

            Mono is still extremely valuable for older .NET Framework apps under WINE though, way easier to setup compared to the official installers from what i’ve experienced.

            No idea how compiled C# compares to C…

  • Imgonnatrythis@sh.itjust.worksEnglish
    192·
    1 year ago

    I think we should politicize code. It seems so unfettered by politics so far while so many other things are nicely split amongst party lines. Seems like maybe the Republicans should embrace C and the democrats can have python or something.

    • sexual_tomato@lemmy.dbzer0.comEnglish
      71·
      1 year ago

      Republicans get C, Java, Lua, and C++; Democrats get Ada, Rust, C#, and Python; Libertarians get Zig, TCL, Julia, and Ocaml for some reason.

      • rottingleaf@lemmy.zipEnglish
        6·
        1 year ago

        I thought this is a tech space, but you’ve just made a lot of people Republicans.

        One would also expect Ada to be Republican.

        And can libertarians please have Common Lisp?

        • Sylvartas@lemmy.worldEnglish
          4·
          1 year ago

          Ada could never be republican, on the basis that it’s named after a british woman scientist. I don’t think she’s on record as a feminist, but that’s about the only thing that would make her “worse” in their eyes

          Also why do the democrats only get languages for people who don’t care about performances ? /s ^(it’s just a prank bro)

          • rottingleaf@lemmy.zipEnglish
            2·
            1 year ago

            I was thinking about the association of the Ada language with defense stuff, and also her being Byron’s daughter, which is more specific than being British, I’m not sure she’d complain about associations with Republicanism, but then this can also be interpreted in favor of libertarians.

            No, the question is valid about weird selection of languages for Democrats. I think what they meant is that separation of various issues between parties is orthogonal to any sane logic, so we should do this with programming languages too.

            Also I want to know who gets Erlang.

    • mox@lemmy.sdf.orgEnglish
      0·
      1 year ago

      C isn’t bad. It has been a good portable assembly language for ages, and remains so today. What’s problematic is continuing to use it where more advanced languages now make more sense.

      I won’t defend C++, though. I’m happy to kick it to the curb now that better alternatives are gaining traction.

  • treadful@lemmy.zipEnglish
    5·
    1 year ago

    “We, as a nation, have the ability—and the responsibility—to reduce the attack surface in cyberspace and prevent entire classes of security bugs from entering the digital ecosystem but that means we need to tackle the hard problem of moving to memory safe programming languages,” National Cyber Director Harry Coker said in the White House news release.

    o7

  • Richard@lemmy.worldEnglish
    1·
    1 year ago

    C is not the problem, it’s sloppy “programmers” who cannot handle direct memory control and who do not understand the underlying system architecture and how a microprocessor operates. People who are good at writing C can make code just as safe as the safest Rust code.

    • wolf@lemmy.zipEnglish
      1·
      1 year ago

      I love C, but C definitely is the problem.

      While one disciplined programmer can in theory write correct code, once there is a small group of even good C programmers and a code base with more than around 3000-5000 LOC, there will be bugs. There is a good reason for tools like Valgrind etc.

      While I think C and C++ are the problem, I don’t think Rust is the solution, tho.