November 9th, 2024

US government wants devs to stop using C and C++

CISA and the FBI urge developers to shift from memory-unsafe languages like C and C++ to memory-safe options by January 1, 2026, citing significant security risks and resistance to change.


The US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI are urging software developers to move away from using "memory-unsafe" programming languages like C and C++. They emphasize that these languages pose significant risks to national security, economic stability, and public safety due to vulnerabilities such as buffer overflows. A report highlighted that over half of the analyzed critical open-source projects contain code in memory-unsafe languages, which account for 70% of security vulnerabilities. CISA recommends transitioning to memory-safe languages like Rust, Java, and Python, which offer built-in protections against common memory-related errors. However, the transition is complicated by the extensive time and resources required to convert existing codebases, as well as potential performance issues associated with newer languages. CISA has set a deadline for companies to develop roadmaps for this transition by January 1, 2026, arguing that the long-term benefits outweigh the initial costs. Despite these recommendations, many developers and companies are resistant to change, prioritizing speed and existing expertise in C and C++. The article suggests that while a shift to memory-safe languages is a good idea, it is unlikely to happen quickly, with significant resistance expected in the near term.

- CISA and FBI are advocating for a shift from C and C++ to memory-safe languages.

- Memory safety vulnerabilities account for 70% of security issues in software.

- Transitioning to new languages is resource-intensive and may affect performance.

- Companies must create transition roadmaps by January 1, 2026.

- Resistance to change is prevalent among developers and organizations.

11 comments
By @kvemkon - 5 months
Discussed recently:

Feds: Critical Software Must Drop C/C++ by 2026 or Face Risk (01.11.2024)

https://news.ycombinator.com/item?id=42013379

By @firesteelrain - 5 months
If the USG wants this then they need to start inserting it into Statements of Work; then companies bidding on this type of work can assess impacts and provide a business case. It will be slow, but start there, the same way the Risk Management Framework, DoD 8570, etc. work.
By @rini17 - 5 months
Linus does not use standard C either. The Linux kernel depends on the -fwrapv switch (reduced UB on signed ints). Also, in the discussion about Rust it was mentioned that the kernel has lots of infrastructure that almost makes C into a different language.
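As an added example in C (not from the page or any commenter), the kind of signed-length arithmetic the -fwrapv remark is about: in the unchecked version the overflow is undefined behaviour in standard C, and even with -fwrapv the wrapped value slips past the size check; the hardened version uses the GCC/Clang `__builtin_add_overflow` builtin to reject it before any copy. The buffer size, record layout and function names are constructed for the example.

```c
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Constructed example: a fixed-size record buffer, a stand-in for the
 * header-plus-payload length checks where memory bugs typically start. */
#define BUF_SIZE 64

/* Unsafe check: hdr_len + payload_len is signed arithmetic. If it overflows,
 * standard C makes the result undefined, so an optimizing compiler may assume
 * it cannot happen and drop the comparison. The kernel's -fwrapv switch pins
 * it to two's-complement wraparound instead, but the check is still wrong:
 * a wrapped negative total passes the <= BUF_SIZE test. */
bool fits_unchecked(int hdr_len, int payload_len) {
    int total = hdr_len + payload_len;   /* may overflow: UB without -fwrapv */
    return total <= BUF_SIZE;
}

/* Hardened check: reject negative lengths, detect overflow explicitly with the
 * GCC/Clang builtin, and only then compare against the buffer size. */
bool fits_checked(int hdr_len, int payload_len) {
    int total;
    if (hdr_len < 0 || payload_len < 0)
        return false;
    if (__builtin_add_overflow(hdr_len, payload_len, &total))
        return false;                    /* overflow is a rejection, not UB */
    return total <= BUF_SIZE;
}

/* Copies header and payload into a BUF_SIZE buffer only if the checked sizes
 * fit. Returns the bytes written, or -1 if the input was rejected. */
int assemble_record(char *out, const char *hdr, int hdr_len,
                    const char *payload, int payload_len) {
    if (!fits_checked(hdr_len, payload_len))
        return -1;
    memcpy(out, hdr, (size_t)hdr_len);
    memcpy(out + hdr_len, payload, (size_t)payload_len);
    return hdr_len + payload_len;
}

int main(void) {
    char buf[BUF_SIZE];
    printf("normal record: %d bytes\n", assemble_record(buf, "HDR", 3, "payload", 7));
    printf("INT_MAX + 16 accepted by checked version? %d\n", fits_checked(INT_MAX, 16));
    return 0;
}
```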
By @up2isomorphism - 5 months
Rust should just build their own super safe OS, instead of nagging existing projects to adopt their practices. If they can successfully build another successful OS it is much more convincing.
By @2OEH8eoCRo0 - 5 months
Put your money where your mouth is govt! Make memory safety a contract requirement.
By @npalli - 5 months
1991 Edition

https://www.gao.gov/products/imtec-91-70br

   Pursuant to a congressional request, GAO obtained information on the Department of Defense's (DOD) implementation of legislation which mandated using the Ada programming language for all software development, where cost-effective.
By @hed - 5 months
Didn’t the Department of Defense try to mandate Ada in the 1980s? That went nowhere.
By @jjgreen - 5 months
You mind your own projects, I code in what I like.
By @galleywest200 - 5 months
> If only it were that easy to snap your fingers and magically transform your code base from C to Rust. Spoiler alert: It's not.

This misses the point. The point is to start moving in that direction, not instantaneously.

By @bubaumba - 5 months
Sounds idiotic if you ask me.
By @secondcoming - 5 months
What's really needed is an official Engineering qualification for programmers, like you legally have to have if you're an Electrician or Gas Engineer, etc. Liability Insurance in case of damaging bugs.

Literally anyone can call themselves a Software Engineer, which on the one hand is great because it's accessible, but also a curse in terms of making it a respected profession.