last highlighted date: 2024-11-14

Highlights

  • So when the US Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) announced they were doubling down on their efforts to persuade software manufacturers to abandon “memory-unsafe” programming languages such as C and C++, it came as no surprise.
  • a report, Exploring Memory Safety in Critical Open Source Projects, which analyzed 172 critical open source projects. The findings revealed that over half of these projects contain code written in memory-unsafe languages, accounting for 55 percent of the total lines of code across the examined projects.
  • people who’ve spent years and sometimes decades mastering C don’t want to master the very different Rust. They don’t see the point. After all, they can write memory-safe code in C, so why can’t you?
  • Converting existing large codebases to memory-safe languages can be an enormous undertaking. It’s time-consuming, resource-intensive, requires careful planning to maintain functionality, and, frankly, it’s a pain in the rump.
  • Another problem is that memory-safe languages may introduce performance slowdowns compared to C and C++.