No matter how much investment software companies may put into tooling and training their developers, “C++, at its core, is not a safe language,” said Ryan Levick, Microsoft cloud developer advocate, during the AllThingsOpen virtual conference last month, explaining in a talk why Microsoft is gradually switching from C/C++ to Rust to build its infrastructure software. And it is encouraging other software industry giants to consider the same.

“We’re using languages that are, because they are quite old and come from a different era, do not provide us the ability to protect ourselves from these kinds of vulnerabilities,” he said. “C++ is not a memory safe language and no one would really pretend that it is,” he said. In fact, Microsoft has deemed C++ no longer acceptable for writing mission-critical software. The industry sorely needs to move to a performant, memory-safe language for its low-level system work. And the best choice on the market today is Rust, Levick said.

Today, C and C++ are the go-to languages for writing core system software. They are fast, with only assembly between the code and the machine itself.

But the industry is being crippled by all the memory-related bugs - many of which are security hazards - caused by these languages. Now, 70% of the CVEs originating at Microsoft are memory safety issues, Levick said. “There is no real trend it’s just staying the exact same,” he said. “Despite massive efforts on our part to fix this issue it still seems to be a common thing.”

From a financial perspective, it makes sense, given the soaring cost of remedying this never-ending stream of memory-related errors. Back in 2004, each memory-related error cost the industry about $250,000, and that Microsoft estimate is probably on the low end, Levick said.

Of course, there are a number of efforts to boost C++ security, but while each is effective in its own way, none entirely solves the problem. One approach that has long been floated is to do more programmer training in how to write safer code. But, “there is zero evidence that doing holistic training of C and C++ developers will actually fix this issue in any significant way,” Levick said, citing Microsoft’s own heaps of internal developer training.

Static analysis is cited as another possible solution. But static analysis comes with too much overhead: it needs to be wired into the build system. “So there’s a lot of incentive not to use static analysis,” Levick said. “If it’s not on by default it won’t help.” The same goes for runtime checks: “It’s impossible or it’s very least extremely hard to know when runtime checking contracts are used and when they’re not,” he said, adding that they also come with an operational overhead.

In response to this problem of memory-related errors, the Microsoft Security Response Center launched the Safe Systems Programming Language initiative. There, some work was dedicated to shoring up C/C++. Verona, a new programming language being created for safe low-level programming, was also created here.