Biden administration calls for developers to embrace memory-safe programing languages and move away from those that cause buffer overflows and other memory access vulnerabilities.

Biden administration calls for developers to embrace memory-safe programing languages and move away from those that cause buffer overflows and other memory access vulnerabilities.

  • @mlg@lemmy.worldEnglish
    181 year ago

    You mean like android running java which is why everyone and their mom bought Israel’s Pegasus spyware toolkit?

    • AggressivelyPassive
      161 year ago

      When was the last time you’ve heard of a memory safety issue in Java code? Not the runtime or some native library, raw dogged Java.

      Memory safety isn’t a silver bullet, but it practically erases an entire category of bugs.

      • @mlg@lemmy.worldEnglish
        101 year ago

        Fair point, even log4j was running java code, not literally hijacking the stack or heap.

        That being said, I’m poking fun because C and C++ have low level capabilities of which only Rust offers a complete alternative of. Most of everything else is safe because it comes packaged with a garbage collector which affects performance and viability. I think Go technically counts if you set the GC allocation to 0 and use pointers for everything, but might as well use Rust or C at that point.

        I guess I’m just complaining out of all the issues ONCD could point out, they went after the very broad “memeory-safe is always better” when most of the people using C and C++ need the performance. They only offered Rust as a potential alternative in the report with nothing else which everyone already knows. Would be nice to see them make a real statement like telling megacorps to stop using unencrypted SCADA on the internet.

    • @bamboo@lemm.ee
      141 year ago

      The apps are (sometimes) Java, but the OS is a mix of languages, mostly C and C++. The Java runtime itself is C++.