[Info-vax] NSA on programming languages
Stephen Hoffman
seaohveh at hoffmanlabs.invalid
Mon Nov 14 16:02:55 EST 2022
On 2022-11-14 18:46:59 +0000, Simon Clubley said:
> On 2022-11-11, Arne Vajhøj <arne at vajhoej.dk> wrote:
>>
>> <quote>
>> Examples of memory safe language include C#, Go, Java, Ruby?, Rust, and Swift.
>> </quote>
>>
>
> There's a language missing from that list.
Yes, there are various languages missing from that list. Hence the use
of the word "include" there, and not a word such as "comprise".
> On a related note, I've just found out today that NVIDIA have made a
> _very_ interesting decision with regards to moving towards using a
> safer programming language:
>
> https://developers.slashdot.org/story/22/11/13/010222/nvidia-security-team-what-if-we-just-stopped-using-c
>
>
> I wonder if they will be a one-off or if more organisations will follow ?
There have been other organizations making a similar shift.
And it gets easier. Rust kernel support is now part of Linux.
<https://docs.kernel.org/rust/index.html>
>From a few years ago, Microsoft has been pondering and prototyping
Rust:
<https://msrc-blog.microsoft.com/2019/11/07/using-rust-in-windows/>
Apple was hiring for folks to migrate existing C system into Rust from
a few years ago, though with few details. ("The performance and
security of the systems we build are critical. We interface directly to
low-level Linux kernel interfaces, using asynchronous I/O and threads
to distribute workload. Following a very successful first foray into
Rust we are migrating an established codebase from C to Rust, and
building new functionality primarily in Rust." )
As for other languages for that list, Google have added Carbon
<https://github.com/carbon-language/carbon-lang>, so we'll see how that
works out.
This C-to-Rust transpiler looks like fun, not that I'd be in a rush to
push the resulting (unsafe) Rust code into production:
<https://github.com/immunant/c2rust>
As for transpiling or rewriting more generally, few places will go to
the effort of replacing the existing C or C++ code—or the existing
BLISS or Macro32 code, for that matter—to anything else. Not past
incremental work and updates, or replacement when substantial updates
are needed, or other issues arise. Issues such as when one vendor was
replacing their existing Ada code due to (a lack of) compiler support
on the target platform.
--
Pure Personal Opinion | HoffmanLabs LLC
More information about the Info-vax
mailing list