White House urges developers to dump C and C++::Biden administration calls for developers to embrace memory-safe programing languages and move away from those that cause buffer overflows and other memory access vulnerabilities.

  • @OutrageousUmpire
    link
    English
    7510 months ago

    I’m not sure what to think about this. It’s bizarre, the White House making any recommendations on programming languages.

    They’re definitely not seen as an authority in this field. Why would anyone care what recommendation they make? And so why make one at all?

    • mox
      link
      fedilink
      English
      6610 months ago

      They’re definitely not seen as an authority in this field. Why would anyone care what recommendation they make?

      It’s possible that they are acting on the advice of advisors who are authorities in this field.

      And so why make one at all?

      I expect it’s because information and industrial security are components of national security, which is of great concern to them, and those things depend on software.

      I’m not surprised to see this, given that state-sponsored electronic attacks are on the rise these days.

      • @[email protected]
        link
        fedilink
        English
        510 months ago

        This is exactly why people sound sophomoric when they say “lobbying needs to go!” There are some drastic problems with lobbying as it is allowed now, but the last thing we need is the government regulating things they know nothing about without the input of experts. On top of that, it’s nonsense that I can’t pass my local councilman on the street and stop and push them to spend more time addressing important issues like climate change.

        • mox
          link
          fedilink
          English
          1010 months ago

          It’s important to remember that the argument against lobbying isn’t about the broadest sense of the word “lobbying”, but rather about corporations and other moneyed interests having unfair and unhealthy influence over the laws that govern everyone else.

          The people who decry lobbying probably agree with you; they’re just using the word in an implicitly narrow context.

          • @[email protected]
            link
            fedilink
            English
            310 months ago

            they’re just using the word in an implicitly narrow context.

            I think we mostly agree, but disagree on this point. I think it’s just that most people haven’t given it any thought. Like they are just ignorantly going along with the popular opinion.

            • mox
              link
              fedilink
              English
              210 months ago

              I suppose mob mentality is likely to play some part in every widely shared view.

              At the very least, I can guarantee that one of said people has given it thought. :)

        • @[email protected]
          link
          fedilink
          English
          210 months ago

          I don’t think your argument quite holds up. The directionality is important. It’s true that the government can’t always know about technical things directly, but I think it’s fine for the government to be expected to know which experts they need to consult, and for that process not to just be open to everyone (which just means more open to those with more money).

          • @[email protected]
            link
            fedilink
            English
            210 months ago

            it’s fine for the government to be expected to know which experts they need to consult

            What happens if they don’t even know it’s a problem? Or they don’t realize the severity of the problem so it gets a lower priority?

            And it also sounds like you’re arguing that I can’t talk to my local representative about what I think are the important issues that need to be addressed. If they have to seek me out, I would have zero input.

    • @phoneymouse
      link
      English
      2910 months ago

      It’s a national security threat

      • @Sweetpeaches69
        link
        English
        3
        edit-2
        10 months ago

        NIST is mentioned

        confused and angry screaming

    • @someacnt_
      link
      English
      1110 months ago

      There have been words around this, like how software should be safe by design, but the regulation should come from the governing entity. This is simply materialized now, but there has been momentum.

    • @Mango
      link
      English
      210 months ago

      They can’t even figure out language for human interpretation much less computer interpretation.

    • @foobaz
      link
      English
      2010 months ago

      Done, next the Linux kernel? 😱

      • @[email protected]
        link
        fedilink
        English
        710 months ago

        It’s a hard sacrifice to make, but if that means killing Windows, then mwahahaha… I mean, MS’s power lies in supporting all that legacy.

  • @omega_x3
    link
    English
    4610 months ago

    Team Fortran raise up, but not too fast our old bones aren’t as strong as they used to be.

    • @TunaLobster
      link
      English
      310 months ago

      I updated an internal library from 77 to 90 last week. We’re working quickly these days!

  • @CaptainSpaceman
    link
    English
    4310 months ago

    Good luck with that, C/C++ are still crazy popular

    • Eager Eagle
      link
      English
      3710 months ago

      well… that’s the point - if they weren’t this wouldn’t be a concern

    • @AA5B
      link
      English
      310 months ago

      Damn, it’s been like 25 years since I touched either of those. Aside from OS development, do people really do that anymore?

      • @[email protected]
        link
        fedilink
        English
        910 months ago

        C++ is also the standard in game dev. You may see some C# here and there, but most engines, public available or otherwise, are built on C++.

        If it is a AAA game, I can assure you it is most likely made with C++.

      • @poopsmith
        link
        English
        610 months ago

        Most of the embedded world uses those.

      • Subverb
        link
        English
        310 months ago

        Embedded systems developer here. If you’re programming on ARM or one of the other big microcontrollers there aren’t many well supported options. ARM’s official Keil compiler and libraries are C and C++ and I see no official movement to change that.

        They have literally decades in building those tools.

        Microsoft’s multithreaded OS ThreadX is C code. They just bought it for a large undisclosed amount in 2018. It ain’t going anywhere soon.

        AWS’s FreeRTOS is C. Not going anywhere.

        Embedded development toolchains are very slow to change.

      • @[email protected]
        link
        fedilink
        English
        110 months ago

        A large chunk of not most of robotic development is C and C++. Since working with a mixture of hardware, software, and even performance software here comes C and C++.

  • @[email protected]
    link
    fedilink
    English
    3810 months ago

    I think we should politicize code. It seems so unfettered by politics so far while so many other things are nicely split amongst party lines. Seems like maybe the Republicans should embrace C and the democrats can have python or something.

    • @[email protected]
      link
      fedilink
      English
      17
      edit-2
      10 months ago

      Republicans get C, Java, Lua, and C++; Democrats get Ada, Rust, C#, and Python; Libertarians get Zig, TCL, Julia, and Ocaml for some reason.

      • @[email protected]
        link
        fedilink
        English
        1510 months ago

        I thought this is a tech space, but you’ve just made a lot of people Republicans.

        One would also expect Ada to be Republican.

        And can libertarians please have Common Lisp?

        • @Sylvartas
          link
          English
          810 months ago

          Ada could never be republican, on the basis that it’s named after a british woman scientist. I don’t think she’s on record as a feminist, but that’s about the only thing that would make her “worse” in their eyes

          Also why do the democrats only get languages for people who don’t care about performances ? /s ^(it’s just a prank bro)

          • @[email protected]
            link
            fedilink
            English
            710 months ago

            I was thinking about the association of the Ada language with defense stuff, and also her being Byron’s daughter, which is more specific than being British, I’m not sure she’d complain about associations with Republicanism, but then this can also be interpreted in favor of libertarians.

            No, the question is valid about weird selection of languages for Democrats. I think what they meant is that separation of various issues between parties is orthogonal to any sane logic, so we should do this with programming languages too.

            Also I want to know who gets Erlang.

      • @WelcomeBear
        link
        English
        1510 months ago

        Ruby is just one guy, Vermin Supreme

        • @TORFdot0
          link
          English
          1110 months ago

          Ruby-off-the-rails

        • @yuriy
          link
          English
          410 months ago

          Vermin Supreme still stands by his pony plan doesn’t he? You KNOW he’s out here using FiM++

      • @Mango
        link
        English
        210 months ago

        Why do Republicans get the good stuff?

    • mox
      link
      fedilink
      English
      2410 months ago

      C isn’t bad. It has been a good portable assembly language for ages, and remains so today. What’s problematic is continuing to use it where more advanced languages now make more sense.

      I won’t defend C++, though. I’m happy to kick it to the curb now that better alternatives are gaining traction.

      • @Rednax
        link
        English
        310 months ago

        The problem with C++ is not the lack of safety features. It’s the ever lasting backwards compatibility that is keeping it both alive and down at the same time.

        Having to support 50 year old code, is going to limit any restriction you place. But it is usually the restrictions that make a language good.

        Example: You can write perfectly good modern C++ code without any pointers. But pointers are so ingrained into the language, that it is impossible to remove them.

  • ben
    link
    fedilink
    English
    2810 months ago

    Probably a good idea, plenty of languages out there that can give good performance while being memory safe nowadays.

    • @[email protected]
      link
      fedilink
      English
      710 months ago

      Such as? (Non-programmer here, so I don’t know the ins and outs of programming languages.)

      • ben
        link
        fedilink
        English
        1210 months ago

        Zig and Rust come to mind, at least for replacements for low level languages.

        • @scharf_2x40
          link
          English
          7
          edit-2
          10 months ago

          Isn’t that only microsoft exclusive and closed source? Also does compiling it really yield the same speed as C, it is garbage collected isn’t it?

          • 𝒍𝒆𝒎𝒂𝒏𝒏
            link
            fedilink
            English
            910 months ago

            Was always possible to compile+run C# on Linux using the Mono project. Until Microsoft “bought them out” and created .NET Core, a cross platform version of .NET that MS now encourages people to use instead…

            Microsoft’s new linux compile tools rub me the wrong way slightly, with the telemetry that’s opt-in by default.

            Mono is still extremely valuable for older .NET Framework apps under WINE though, way easier to setup compared to the official installers from what i’ve experienced.

            No idea how compiled C# compares to C…

        • @Asifall
          link
          English
          310 months ago

          *proceeds to wrap everything in unsafe {}

      • @[email protected]
        link
        fedilink
        English
        210 months ago

        Rust is the main one for the kind of code that’s typically written in C++. Most memory-safe languages make big compromises on performance, but Rust code tends to run about as fast as comparable C++ code.

  • @Dzeimis
    link
    English
    1810 months ago

    Wtf, I thought this was a meme…

    • @ricdeh
      link
      English
      010 months ago

      Just write memory safe code lol

  • @[email protected]
    link
    fedilink
    English
    810 months ago

    “We, as a nation, have the ability—and the responsibility—to reduce the attack surface in cyberspace and prevent entire classes of security bugs from entering the digital ecosystem but that means we need to tackle the hard problem of moving to memory safe programming languages,” National Cyber Director Harry Coker said in the White House news release.

    o7

  • @badbytes
    link
    English
    810 months ago

    Good reason to not drop C and C++

  • @makozuma
    link
    English
    410 months ago

    Can’t we just bring back Forth and call it a day?