Biden Admin Wants Software Companies to Move Away From C and C++ Languages

White House calls on programmers to embrace programming languages that don’t have exploitable memory-safety issues.
Biden Admin Wants Software Companies to Move Away From C and C++ Languages
The White House in Washington on Feb. 15, 2024. Madalina Vasiliu/The Epoch Times
Bill Pan
Updated:
0:00

The Biden administration is calling on software developers to ditch C and C++, two of the oldest surviving and most prominent programming languages, in favor of alternatives that have inherent memory-safety features.

Software companies “can prevent entire classes of vulnerabilities from entering the digital ecosystem” by embracing programming languages that don’t have memory-safety issues hostile foreign powers and criminal hackers are exploiting, the White House said.

Memory-safe programming languages are protected from security bugs related to how memory can be accessed, allocated, or rewritten in unintended ways. For example, an out-of-bounds reads bug could allow an attacker to read from adjacent blocks in memory that may contain private data, while a use-after-free bug could give the attacker access to information in memory that was already deleted.

Microsoft revealed at a conference in 2019 that from 2006 to 2018, 70 percent of their vulnerabilities were because of memory safety issues. In 2021, Google said it found that a similar percentage of severe security bugs in Chrome are memory safety problems.

“We, as a nation, have the ability—and the responsibility—to reduce the attack surface in cyberspace and prevent entire classes of security bugs from entering the digital ecosystem but that means we need to tackle the hard problem of moving to memory-safe programming languages,” Harry Coker, the White House’s national cyber director, said in a Feb. 26 press release.

A 19-page report released the same day by Mr. Coker’s office gave C and C++ as two examples of programming languages that “both lack traits associated with memory-safety and also have high proliferation across critical systems.”

Meanwhile, languages such as Rust, Python, and Java are among the recommended replacements.

“When large code bases are migrated to a memory-safe language, evidence shows that memory safety vulnerabilities are nearly eliminated,” it stated.

The report is endorsed by major industry leaders, including SAP, Accenture, Palantir, and Hewlett Packard Enterprise. Some have vowed to migrate their legacy code to memory-safe programming languages—a task that could take decades, depending on the size of the company.

C++ Creator Defends Its Safety

The new White House report highlighted a 2022 bulletin by the U.S. National Security Agency (NSA), which advised programmers to use alternative languages instead of C and C++ to avoid exploitable memory-based vulnerabilities.

“Commonly used languages, such as C and C++, provide a lot of freedom and flexibility in memory management while relying heavily on the programmer to perform the needed checks on memory references,” the agency said, recommending a “strategic shift” from C and C++ languages to a memory-safe language when possible.

The C language was created in the early 1970s by late computer scientist Dennis Ritchie at Bell Laboratories. An extension to the C language, C++, was developed in 1983 by Bjarne Stroustrup—another Bell Labs legend—to give programmers a high level of control over system resources and memory.

Four decades after its creation, C++ remains the gold standard for high-performance software, ranging from mainstream web browsers such as Chrome and Firefox, to Adobe’s image production suite that includes Photoshop, Unreal Engine, which powers some of the most graphically demanding video games, and the autonomous flight safety system mounted on SpaceX’s “Dragon 2” reusable spacecraft.
C++’s unfading relevance is also reflected in the TIOBE index, which monitors the popularity of programming languages in the global community of programmers. As of February, C++ is ranked third, capturing 10.53 percent on the index and only trailing behind C (10.97 percent) and Python (15.16 percent).

In response to the NSA’s recommendations, Mr. Stroustrup said the NSA was ignoring his more than 30 years of work to make the language “better, safer, and more efficient.”

According to Mr. Stroustrup, a Danish computer scientist teaching as a visiting scholar at Columbia University, memory safety is just one aspect to look at when determining how “safe” a language is. “There are on the order of a dozen other ways that a language could, and will, be used to violate some form of safety and security,” he wrote last year in a published response.

“There is not just one definition of ’safety,' and we can achieve a variety of kinds of safety through a combination of programming styles, support libraries, and enforcement through static analysis,” the computer science pioneer explained. “The most obvious would be to request guaranteed full type-and-resource safety.”

“Ignoring the safety issues would hurt large sections of the C++ community and undermine much of the other work we are doing to improve C++,” he wrote. “So would focusing exclusively on safety.”

The NSA did acknowledge that memory management isn’t entirely safe even in a “memory-safe” language, and that mechanisms such as static and dynamic application security testing (SAST and DAST) can identify memory use issues in software coded in so-called non-memory-safe languages.

With that said, neither SAST nor DAST can make non-memory-safe code totally memory-safe, according to the NSA.

Related Topics