180

White House urges developers to dump C and C++ (www.infoworld.com)

submitted 6 months ago by MarcoPOLO@sh.itjust.works to c/worldnews@lemmy.ml

58 comments fedilink hide all child comments

Biden administration calls for developers to embrace memory-safe programing languages and move away from those that cause buffer overflows and other memory access vulnerabilities.

you are viewing a single comment's thread
view the rest of the comments

[-] ScreaminOctopus@sh.itjust.works 27 points 6 months ago

Pretty crazy to reccomend Java as a secure alternative.

[-] u_tamtam@programming.dev 8 points 6 months ago

Why? What's wrong with safe, managed and fast languages?

[-] zik@lemmy.world 14 points 6 months ago* (last edited 6 months ago)

Java's runtime has had a large number of CVEs in the last few years, so that's probably a decent reason to be concerned.

[-] u_tamtam@programming.dev 3 points 6 months ago

Yep but:

it's one runtime, so patching a CVE patches it for all programs (vs patching each and every program individually)
graalvm is taking care of enabling java to run on java

[-] DampCanary@lemmy.world 7 points 6 months ago

Nothing...

Only that descrition doesn't include Java

[-] ScreaminOctopus@sh.itjust.works 3 points 6 months ago

Nothing really, the JVM has a pretty troubled history that would really make me hesitate to call it "safe". It was originally built before anyone gave much thought to security and that fact plauges it to the present day.