C++ and the Government

I agree with the sentiment that it would be better to move to safer languages, but I also agree with the ultimate statement that "Neither businesses nor programmers have sufficient reason to make the jump."

The problem is inertia. The problem is that C is the lingua franca of the programming world. If you're not directly writing in C, you're interfacing in C to other parts of the system. Things follow your particular platform's C ABI.

Some embedded microcontroller? The API is in C.
FreeRTOS? Written in C.
All the guides for <systems level thing>? They assume you're working in or at least interfacing in C.
Linux is written mostly in C, and even the Rust parts have to interface with C, but then as you introduce more Rust (or any other language for that matter) you add to the overhead/learning curve and you reduce the number of people that can be true experts across the entire project.

Personally I have not used languages like Rust (safest?) or Zig (safer but not as safe as Rust), so this is my perspective as someone who is hypothetically willing to use those languages, but who hasn't had the reason to try them, just like the article said. But I really should dedicate some time to doing so.

btw, really tangential, but there's also the issue of trust. It's actually a really hard problem to solve, even for C compilers. We trust that huge open-source projects like GCC are creating compilers that don't have exploits. Is there the same level of trust for newer projects? You get this chicken and egg problem when it comes to compilers, because theoretically you can hide exploits/backdoors by baking them into the binary of the compilers.
https://users.ece.cmu.edu/~ganger/712.fall02/papers/p761-thompson.pdf
https://security.stackexchange.com/questions/203048/ken-thompsons-compiler-hack
'There are no unsafe programming languages - just unsafe programmers'

Yes, C can be 'unsafe' if not used 'properly' by inexpert programmers. C++ is now better (with managed pointers etc) but is not totally safe - especially with legacy C++ code.

This discussion started a long time ago and led to the emergence of Ada which was mandated in 1991 by the USA Defence dept. The latest standard is Ada 2022.

So why is Ada not being used widely?
Ada is being used widely — just not for stuff on your smartphone or PC.
You use what the government tells you to if you work for them, directly or indirectly. This is true of any company... if you join up with some big gaming studio, and you only know Python, they are probably going to tell you they want C and C++. It's the same thing -- you want the money, you play in the sandbox where the money is. If you don't like it, find another sandbox. In this sense, the government is just like any other company, though it's a LARGE one.

As far as my personal opinion on it, I think that boycotting a specific language is a result of one of a few things. It could be a follow-the-money thing -- e.g. if those invested in the tools for Ada or Java or whatever their replacement will be donated enough money to enough campaigns.... yes, I am jaded enough to think this is at least a possibility; I used to be a gov't contractor. It could be taken at face value, in which case the upper (nontechnical) managers and goobers at the top are playing follow the trends and buzzwords again, which is a never-ending thing, "now we will do agile, but with these improvements so we have more micromanagement in the loop" kind of crap. It could be they had a bad experience with someone's project. Or any of a dozen other things. You never know where this stuff comes from, just at some point someone makes a call and it's done, for better or worse.

I think it's dumb, personally. C++ is as safe as any other equally powerful and efficient language out there. Its most unsafe features are misuse of legacy features like raw pointers or C arrays, unions, preprocessor, etc. All that stuff we know to not do in production code. The modern features have some gotchas too, but so do other languages. The safer the language, the more they took away from the programmer. It's true, you can't break as much with one hand tied behind your back, but you also can't do as much.