Subj : US White House urges devs to dump C and C++
To   : Digital Man
From : Nightfox
Date : Thu Feb 29 2024 09:31:20

  Re: US White House urges devs to dump C and C++
  By: Digital Man to Nightfox on Wed Feb 28 2024 09:50 pm

 DM> I don't doubt it. Managed languages have been big in security and
 DM> enterprise app development, anywhere performance or hardware-access isn't
 DM> the paramount priority, for a long time now. It's not to say that you
 DM> can't have vulnerabilites in managed software (they happen all the time),
 DM> they're just a different class of vulnerabilities that are generally
 DM> easier to find and defend against or fix than the memory issues that
 DM> plague C and C++ code bases.

 DM> It's honestly not bad advice for most projects (e.g. I don't think Apple
 DM> accepts apps written in C or C++ in its app store). But keep in mind, Rust
 DM> supports writing memory-unsafe code too. It's default mode is memory-safe,
 DM> but it's still subvertable. So Rust might not be the cure-all they think
 DM> it is.

I've sometimes thought it shouldn't be much of an issue if you're always careful about how you write code.  There's that adage "the poor craftsman blames his tools"..  One thing I like about C and C++ is they don't do much to limit you, but I suppose that can be a blessing and a curse.  And human error is always a factor, so I suppose it's good when the programming language can help you avoid introducing bugs and vulnerabilities.

Nightfox
--- SBBSecho 3.20-Linux
 * Origin: Digital Distortion: digdist.synchro.net (21:1/137)

.