[OT] NSA guidance on software security
Paulo Pinto
pjmlp at progtools.org
Fri Nov 11 07:03:58 UTC 2022
So it is happening,
"Memory issues in software comprise a large portion of the
exploitable vulnerabilities in
existence. NSA advises organizations to consider making a
strategic shift from
programming languages that provide little or no inherent memory
protection, such as
C/C++, to a memory safe language when possible. Some examples of
memory safe
languages are C#, Go, Java, Ruby™, and Swift®."
https://media.defense.gov/2022/Nov/10/2003112742/-1/-1/0/CSI_SOFTWARE_MEMORY_SAFETY.PDF
Eventually this will move from a recomendation, to possible
specific certification requirements to still deliver software in
such languages.
D is not yet on the list, but who knows, it might make an
appearance on some revised version, if someone at NSA is paying
attention.
More information about the Digitalmars-d
mailing list