Skip to main content
  1. Home
  2. Computing
  3. News

The White House just warned against using these popular programming languages

By

A woman and a man sit together by a desk, using a graphics editing program on a computer.
Intel

Some of developers’ favorite programming languages cause the biggest security risk for systems that require the utmost safety, according to the White House.

Recommended Videos

The government sanctioned Office of the National Cyber Director (ONCD), recently released a report detailing that it is recommending that developers use various “memory-safe programming languages.” This list happens to exclude popular languages, such as C and C++, which have been deemed to have flaws in their memory safety that make them security risks.

Related

As Tom’s Hardware points out, memory safety is the protection engrained within memory access that keeps bugs and vulnerabilities at bay. Such examples include the runtime error detection checks in Java, which is considered a memory-safe language. However, C and C++ have no safety checks and allow direct access to memory.

Several companies, including Microsoft and Google, have connected security vulnerabilities to memory safety issues with their systems. In 2019, Microsoft found that around 70% of security vulnerabilities were caused by memory safety issues. Google reported the same figure in 2020 in regard to bugs in its Chromium browser. Notably, Microsoft only recently expanded the compatibility of its own App Store to include developer use of languages such as C++.

With C and C++ being among the programming languages that don’t have built-in safety checks, the ONCD recommends against using them within large organizations, tech companies, and government entities. The advice coincides with President Joe Biden’s cybersecurity strategy to “secure the building blocks of cyberspace.”

Even so, the ONCD does not have an approved list of programming languages and has simply asked companies to use discernment with their software, while also opting for memory-safe hardware to minimize security issues. The closest these is to a sanctioned list is one devised by the National Security Agency (NSA) in 2022. The memory safe languages include:

  • Rust
  • Go
  • C#
  • Java
  • Swift
  • JavaScript
  • Ruby

Tom’s Hardware noted while these languages might past the test security-wise, many of them are not developer favorites. The publication added that the languages are in the top 20, but only four of them, C#, Java, Python, and JavaScript, are consistently popular with developers.

This report is a recommendation not, a rule. It will be interesting to see how companies and developers work with it as time goes on.

Topics
Fionna Agomuoh
Fionna Agomuoh
Former Digital Trends Contributor
Fionna Agomuoh is a Computing Writer at Digital Trends. She covers a range of topics in the computing space, including…

Editors’ Recommendations

This GPT-powered Discord bot can teach you a new language — here’s how to use it
Memrise bot in the Discord app directory.

In some cases, the main hurdle to learning a new language is simply convenience. That's the issue Memrise is trying to tackle with its new Discord bot. If you're unfamiliar, Memrise is a language-learning app similar to Duolingo, but it uses GPT (the AI model behind ChatGPT) to engage the language-learning process.

The Discord bot allows you to have a natural conversation on your own Discord server in any of the 19 available languages. It's powered by the GPT-3 model, and Memrise includes a variety of conversation starters to get you practicing in your chosen language. Here's how to set up the app and use it.
How to use Memrise Discord bot

Read more
Protect public from AI risks, White House tells tech giants
A robot holding scales of justice.

At a meeting of prominent tech leaders at the White House on Thursday, vice president Kamala Harris reminded attendees that they have an “ethical, moral, and legal responsibility to ensure the safety and security” of the new wave of generative AI tools that have gained huge attention in recent months.

The meeting is part of a wider effort to engage with advocates, companies, researchers, civil rights organizations, not-for-profit organizations, communities, international partners, and others on important AI issues, the White House said.

Read more
Someone just used ChatGPT to generate free Windows keys
A MacBook Pro on a desk with ChatGPT's website showing on its display.

ChatGPT is an incredibly capable piece of tech, with a huge number of interesting uses. But, perhaps inevitably, people have put it to use for less noble purposes. Now, someone has used it to generate valid Windows license keys for free.

The discovery was made by YouTuber Enderman, who used ChatGPT to create license keys for Windows 95. Why Windows 95? Well, support ended for it 20 years ago, so this was essentially an exercise in curiosity from Enderman rather than an attempt to crack more modern versions like Windows 11.

Read more