183

Biden administration calls for developers to embrace memory-safe programing languages and move away from those that cause buffer overflows and other memory access vulnerabilities.

you are viewing a single comment's thread
view the rest of the comments
[-] u_tamtam@programming.dev 13 points 2 years ago

Why? What's wrong with safe, managed and fast languages?

[-] zik@lemmy.world 14 points 2 years ago* (last edited 2 years ago)

Java's runtime has had a large number of CVEs in the last few years, so that's probably a decent reason to be concerned.

[-] u_tamtam@programming.dev 5 points 2 years ago

Yep but:

  • it's one runtime, so patching a CVE patches it for all programs (vs patching each and every program individually)

  • graalvm is taking care of enabling java to run on java

[-] DampCanary@lemmy.world 10 points 2 years ago

Nothing...

Only that descrition doesn't include Java

[-] ScreaminOctopus@sh.itjust.works 3 points 2 years ago

Nothing really, the JVM has a pretty troubled history that would really make me hesitate to call it "safe". It was originally built before anyone gave much thought to security and that fact plauges it to the present day.

[-] u_tamtam@programming.dev 2 points 2 years ago

and how much of this troubled history is linked to Java Applets/native browsers extensions, and how much of it is relevant today?

[-] dukatos@lemm.ee 2 points 2 years ago
[-] FooBarrington@lemmy.world 3 points 2 years ago

There's a difference between writing code on a well-tested and broadly used platform implemented in C++ vs. writing new C++.

this post was submitted on 28 Feb 2024
183 points (100.0% liked)

World News

38037 readers
315 users here now

News from around the world!

Rules:

founded 6 years ago
MODERATORS