Posted on 02/28/2024 1:41:30 PM PST by yesthatjallen
The government would prefer it if you stopped programming tools in C or C++. In a new report, the White House Office of the National Cyber Director (ONCD) has called on developers to use "memory-safe programming languages," a category which excludes the popular languages. The advice is part of U.S. President Biden's Cybersecurity strategy and is a move to "secure the building blocks of cyberspace."
Memory safety refers to protection from bugs and vulnerabilities which deal with memory access. Buffer overflows and dangling pointers are examples of this. Java is considered a memory-safe language due to its runtime error detection checks. However, C and C++ both allow arbitrary pointer arithmetic with direct memory addresses and no bounds checking.
In 2019, Microsoft security engineers reported that around 70% of security vulnerabilities were caused by memory safety issues. Google reported the same figure in 2020, this time for bugs found in the Chromium browser.
" Experts have identified a few programming languages that both lack traits associated with memory safety and also have high proliferation across critical systems, such as C and C++," the report reads. "Choosing to use memory safe programming languages at the outset, as recommended by the Cybersecurity and Infrastructure Security Agency’s (CISA).
SNIP
(Excerpt) Read more at tomshardware.com ...
For the most critical systems, being safety critical embedded systems that require certification, they’re ALL based on C/C++ - you can’t use Java.
What does the WH recommend?
I guess it’s back to assembler code.
Back to 0s and 1s.
But we have multi-gigahertz, multi-core processors and lithium batteries to make up for that!
Two words-punch cards
Actually Biden himself is very fluent in Dotard++
Me, assembler:-)
Rust is a generation if c/c++ without all of Java’s endless class nonsense.
(Still think Python’s best for one and done or experimenting.)
FLI -flash lights impressively
BTX -blink twice and explode
(Program Check, core dump listing follows)
Many (most) of graphics card firmware drivers had Fortran transformation logic in their chips. Maybe some. Still do.
(Numerical Recipes book, classic with FØRTRAN examples)
I like C. It gets the job done.
From the people who brought you COBOL. (and Ada-83)
It’s Delphi now.
I did my first real programming in C. That’s freaking old in itself, Kernighan and Ritchie wrote the book in 1978.
DEC Vax running BSD.
“I guess it’s back to assembler code.”
In which you can do anything you like with memory.
COBOL worked great, for the things it was intended to do.
Anyone who has learned to properly code in C and C++
knows to check for array bounds, dangling pointers and
to use garbage cleanup routines when writing procedures that
allocate memory.
Let me translate this, since I have been programming since 1978.
When you see a painting that is a work of art, and one that looks like a child’s doodle, they have one thing in common - the paintbrush. Don’t blame the paintbrush.
“Me, assembler:-)”
Me too. RPG, Fortran, Cobol, etc....
RPGILE Today started programming on IBM System 34.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.