White house urges Developers to move away from C/C++

I'm not sure what to think about it yet, but on the surface level, i think that makes sense.

https://infoworld.com/article/...

I don't think anyone in the whitehouse knows anything beyond the name of the programming languages. Government can eat shit and die. They can't even balance a fucking checkbook and they want to influence technical decisions?

To be fair, if you can't get decent programmers, you might as well migrate to a higher language where less skill is necessary to keep everything at bay. Just something as simple as garbage collection and automatic memory management can simplify things significantly. You may lose some control and take performance hits... but I doubt the white house needs their code running on low grade hardware and to be power efficient... they can probably get whatever servers they need to run their bloated but functional and safe code

Unless they can fucking code, they should shut the fuck up. You can write unsafe code in any language.

THAT SOUNDS FUCKING SUSPICIOUS

@jestdotty now that you mention it, this sounds like a tech company telling them to influence this. Then the tech company can sell the "solution". Let me guess: Apple, Microsoft, and Google?

I am in a poor mood today. I didn't need retards in DC trying to politicize my profession today. Next up, how C++ causes global warming. We all know Javascript really does...

This is why the immigration app crashes at 8:01 am every day.

This is said many years ago by NSA or smth. It kinda means they don't trust humans do the right thing. But as mentioned by @Demolishun, what about climate? I hope the climate craziness puts C back on track. It's the best

@Demolishun one of them was previously at Google:

She also served as the Head of Product Security Strategy Google after serving as the Lead for Security Policy & Election Integrity, Google Play & Android at Google.

The head seems to have a military background, though.

C++ has ranges now for fast sequential algorithms, it's high time they introduce bounds checking for std::vector::operator[], which is a non-breaking change anyway.

The title of the report is SOFTWARE SHOULD BE MEMORY SAFE, which is the most obviously true statement I've ever read in a government report.

There are multiple ways of working towards this goal, and every language has options. Even C can be memory safe, albeit at a vast expense of either performance or engineering work on static code analysis.

C++ would have to invest relatively little effort to change the respective statement from "c++ is not memory safe" to "c++23 and lower is not memory safe". I don't expect it'll be done because the c++ designers are very conscious about design debt, but just saying; c++ being unsafe isn't a law of nature but a consequence of specific design decisions that can be changed between versions.

@lorentz "can be changed between versions"

I'm still dealing with the breaking changes introduced in c++11. So breaking changes are not trivial and would take decades to be taken up everywhere. So what features would need to be added to make it memory safe? Not many.

It's also not just design debt. It's performance. If you can make it faster in c, that's not going to be accepted in c++.

@lorentz I agree on bounds checking. But let me guess, it breaks the ABI? That is part of the issue with some C++ libraries. Any fix breaks the ABI. So it is just as taboo to change as syntax.

We use C++ for embedded work. A lot of things you do in embedded is not memory safe. Like just setting a pointer to a hardware location.

I am not sure if C/C++ can still solve all problems without being able to do things like this. There would definitely have to be a concept of things that are more risky than others. Right now there is no delineation other than knowing the languages.

@Demolishun I'm now wondering how/if rust deals with this

@atheist Rust has safe/unsafe code as far as I know. So you can bound the sketchy bits.

@Demolishun I can't imagine any usage of the ABI that is sensible now but breaks with a bounds checked vector. In general, vector is a managed datastructure and if you can make enough assumptions about it to safely index out of bounds then you already control the allocator and bypassing the vector would make more sense anyway.

@Demolishun It's clear that C++ needs a way to access raw memory for MMIO and stuff, and any abstraction is optional. I merely advocate that abstractions should use their knowledge of what is and isn't hidden state to reject commands whose safety hinges on hidden state.

@lorentz ABI was the excuse why they couldn't fix std::regex. Something about everything being a template. I have not looked at std::vector though.

@retoor figured out the climate change thing finally actually

https://rumble.com/v4g8f4l-climate-... (this woman comes off crazy to me but the math checks out)

@jestdotty I think they're terrified because Israel used their defense money to do laps on the US in terms of cybersecurity. This report demonstrates the only way I know to improve defensive cybersecurity at scale; automated tools that make certain types of mistakes difficult or impossible.

Finding a buffer overflow in openssl is probably possible. Finding all buffer overflows certainly isn't.

@lorentz it's freaking memory safe but the developer has some responsibility. So scary.

@retoor so is Assembly.

@lorentz more eyes, realize, shit with flies. That is one of the strengths of open source.