[OT] NSA guidance on software security
Siarhei Siamashka
siarhei.siamashka at gmail.com
Fri Nov 11 08:34:39 UTC 2022
On Friday, 11 November 2022 at 07:03:58 UTC, Paulo Pinto wrote:
> D is not yet on the list, but who knows, it might make an
> appearance on some revised version, if someone at NSA is paying
> attention.
I find it more surprising that Python is not on the list. But
they just provide a few examples of safe programming languages.
But even if they decide to provide a complete list of recommended
programming languages, in NSA's shoes I would avoid recommending
D yet. Because is not @safe by default and the @system code in
"-release" builds has no bounds checking (so goodbye memory
safety). Additionally, catching arithmetic overflows is the next
safety frontier NSA may be looking into and D has nothing good to
offer (the checkedint library is a fig leaf and non-practical in
reality).
More information about the Digitalmars-d
mailing list