[OT] NSA guidance on software security
H. S. Teoh
hsteoh at qfbox.info
Sat Nov 12 14:33:48 UTC 2022
On Fri, Nov 11, 2022 at 07:03:58AM +0000, Paulo Pinto via Digitalmars-d wrote:
> So it is happening,
>
> "Memory issues in software comprise a large portion of the exploitable
> vulnerabilities in existence. NSA advises organizations to consider
> making a strategic shift from programming languages that provide
> little or no inherent memory protection, such as C/C++, to a memory
> safe language when possible. Some examples of memory safe languages
> are C#, Go, Java, Ruby™, and Swift®."
>
> https://media.defense.gov/2022/Nov/10/2003112742/-1/-1/0/CSI_SOFTWARE_MEMORY_SAFETY.PDF
[...]
This was inevitable, it was just a matter of time. Memory-unsafe
languages have no long-term future. In the current landscape of online
threats, memory safety is no longer an option, it's an essential
requirement. The day will come when it will no longer be viable to use
a memory-unsafe language for anything non-trivial.
T
--
Time flies like an arrow. Fruit flies like a banana.
More information about the Digitalmars-d
mailing list