Herb Sutter shows how to make C++ less vulnerable and how "secure" languages aren't so secure.: SoylentNews Submission

Herb Sutter shows how to make C++ less vulnerable and how "secure" languages aren't so secure.

Accepted submission by bootsy at 2024-03-18 13:53:45 from the C++, CVE-- dept.

bootsy [soylentnews.org] writes:

Herb Sutter has an interesting article on his blog about approaches to improve security in C++ and modifying the language to assist with stopping programming errors that lead to exploits.

https://herbsutter.com/2024/03/11/safety-in-context/ [herbsutter.com]

There are two interesting insights. Firstly. most CVEs come from issues that could be dealt with with small changes to C++ that are being proposed.
The second is that even coding in languages with automatic memory allocation can still have massive vulnerabilties. Even code written in Rust has vulnerabilities so the language alone is not the whole problem.

Original Submission

SoylentNews

SoylentNews is people

Navigation

Sections

SoylentNews

Submission Preview

Herb Sutter shows how to make C++ less vulnerable and how "secure" languages aren't so secure.