this post was submitted on 28 Feb 2024
181 points (97.4% liked)

World News

32348 readers
58 users here now

News from around the world!

Rules:

founded 5 years ago
MODERATORS
 

Biden administration calls for developers to embrace memory-safe programing languages and move away from those that cause buffer overflows and other memory access vulnerabilities.

you are viewing a single comment's thread
view the rest of the comments
[โ€“] [email protected] 18 points 8 months ago (1 children)

When was the last time you've heard of a memory safety issue in Java code? Not the runtime or some native library, raw dogged Java.

Memory safety isn't a silver bullet, but it practically erases an entire category of bugs.

[โ€“] mlg 11 points 8 months ago

Fair point, even log4j was running java code, not literally hijacking the stack or heap.

That being said, I'm poking fun because C and C++ have low level capabilities of which only Rust offers a complete alternative of. Most of everything else is safe because it comes packaged with a garbage collector which affects performance and viability. I think Go technically counts if you set the GC allocation to 0 and use pointers for everything, but might as well use Rust or C at that point.

I guess I'm just complaining out of all the issues ONCD could point out, they went after the very broad "memeory-safe is always better" when most of the people using C and C++ need the performance. They only offered Rust as a potential alternative in the report with nothing else which everyone already knows. Would be nice to see them make a real statement like telling megacorps to stop using unencrypted SCADA on the internet.