Hacker News new | ask | show | jobs
by BaculumMeumEst 1046 days ago
the united states government is not going to outlaw the use of memory unsafe languages. that is an absurd idea. nothing in your links suggests they would even consider it. "moving the culture of software development" to memory safe language does not mean "we want to put you in jail for writing C".
3 comments
grumpyprole 1046 days ago
Where did you get the idea that jails are involved? Governments are clearly forming a position, if they fund new projects, they are quite likely to enforce that position. That's a significant market already.
link
BaculumMeumEst 1046 days ago
they can enforce that position by funding projects that are written in languages that they believe are memory safe. they do not need, or want, to legislate that.
link
pjmlp 1046 days ago
Funny that you mention that, EU does sponsor Rust development.

"Logical Foundations for the Future of Safe Systems Programming"

https://cordis.europa.eu/project/id/683289

As for US,

https://media.defense.gov/2022/Nov/10/2003112742/-1/-1/0/CSI...

"NSA advises organizations to consider making a strategic shift from programming languages that provide little or no inherent memory protection, such as C/C++, to a memory safe language when possible. Some examples of memory safe languages are C#, Go, Java, Ruby™, and Swift®. Memory safe languages provide differing degrees of memory usage protections, so available code hardening defenses, such as compiler options, tool analysis, and operating system configurations, should be used for their protections as well. By using memory safe languages and available code hardening defenses, many memory vulnerabilities can be prevented, mitigated, or made very difficult for cyber actors to exploit."

link
pjmlp 1046 days ago
No, however it may require that like with other kinds of dangerous chemicals, or hazourds goods, their use must follow strict requirements, like they already have to for high integrity computing.
link
dakom 1046 days ago
Agreed, it's absurd. Jail time for writing javascript otoh...
link
Borborygymus 1046 days ago
I guffawed, and I'm not afraid to admit it.
link
grumpyprole 1046 days ago
And this attitude is why it's a serious issue in our industry. You clearly don't take security seriously, to the point that it's a laughing matter for you.
link
dbalatero 1046 days ago
If you can't see why jailing people for writing JS is a comically absurd concept…
link
grumpyprole 1046 days ago
Why is JS even relevant to this discussion?
link