6

White House urges developers to move away from C/C++

I'm not sure what to think about it yet, but on the surface level, I think that makes sense.

https://infoworld.com/article/...

Comments
  • 3
    To be fair, if you can't get decent programmers, you might as well migrate to a higher language where less skill is necessary to keep everything at bay. Just something as simple as garbage collection and automatic memory management can simplify things significantly. You may lose some control and take performance hits... but I doubt the White House needs their code running on low-grade hardware and to be power efficient... they can probably get whatever servers they need to run their bloated but functional and safe code.
  • 4
    Unless they can fucking code, they should shut the fuck up. You can write unsafe code in any language.
  • 1
    THAT SOUNDS FUCKING SUSPICIOUS
  • 0
    This is why the immigration app crashes at 8:01 am every day.
  • 1
    This was said many years ago by the NSA or smth. It kinda means they don't trust humans to do the right thing. But as mentioned by @Demolishun, what about climate? I hope the climate craziness puts C back on track. It's the best.
  • 0
    @Demolishun one of them was previously at Google:

    She also served as the Head of Product Security Strategy Google after serving as the Lead for Security Policy & Election Integrity, Google Play & Android at Google.

    The head seems to have a military background, though.
  • 0
    C++ has ranges now for fast sequential algorithms, it's high time they introduce bounds checking for std::vector::operator[], which is a non-breaking change anyway.
  • 2
    The title of the report is SOFTWARE SHOULD BE MEMORY SAFE, which is the most obviously true statement I've ever read in a government report.

    There are multiple ways of working towards this goal, and every language has options. Even C can be memory safe, albeit at a vast expense of either performance or engineering work on static code analysis.
  • 0
    C++ would have to invest relatively little effort to change the respective statement from "c++ is not memory safe" to "c++23 and lower is not memory safe". I don't expect it'll be done because the c++ designers are very conscious about design debt, but just saying; c++ being unsafe isn't a law of nature but a consequence of specific design decisions that can be changed between versions.
  • 0
    @lorentz "can be changed between versions"

    I'm still dealing with the breaking changes introduced in c++11. So breaking changes are not trivial and would take decades to be taken up everywhere. So what features would need to be added to make it memory safe? Not many.
  • 0
    It's also not just design debt. It's performance. If you can make it faster in c, that's not going to be accepted in c++.
  • 0
    @Demolishun I'm now wondering how/if Rust deals with this
  • 0
    @Demolishun I can't imagine any usage of the ABI that is sensible now but breaks with a bounds-checked vector. In general, vector is a managed data structure and if you can make enough assumptions about it to safely index out of bounds then you already control the allocator and bypassing the vector would make more sense anyway.
  • 0
    @Demolishun It's clear that C++ needs a way to access raw memory for MMIO and stuff, and any abstraction is optional. I merely advocate that abstractions should use their knowledge of what is and isn't hidden state to reject commands whose safety hinges on hidden state.
  • 1
    @retoor figured out the climate change thing finally actually

    https://rumble.com/v4g8f4l-climate-... (this woman comes off crazy to me but the math checks out)
  • 1
    @jestdotty I think they're terrified because Israel used their defense money to do laps on the US in terms of cybersecurity. This report demonstrates the only way I know to improve defensive cybersecurity at scale; automated tools that make certain types of mistakes difficult or impossible.
  • 0
    Finding a buffer overflow in openssl is probably possible. Finding all buffer overflows certainly isn't.
  • 0
    @lorentz it's freaking memory safe but the developer has some responsibility. So scary.
  • 2
    @retoor so is Assembly.