DEV Community

Cover image for Whitehouse Declares Software Should Be Memory Safe
Ben Halpern
Ben Halpern

Posted on

Whitehouse Declares Software Should Be Memory Safe

#discuss #watercooler #news #security

Not sure I saw this coming

Kind of interesting and funny to see the US federal government weigh in on a topic of such specificity in software development.

Press Release: Future Software Should Be Memory Safe | ONCD | The White House

favicon whitehouse.gov

Top comments (16)

Collapse
 
link2twenty profile image
Andrew Bone

Good time to learn rust 😉

Collapse
 
ben profile image
Ben Halpern

Is Andrew Bone a government mole?

Collapse
 
eljayadobe profile image
Eljay-Adobe

Deep state sleeper agent.

Before the sleeper awakens, we all had better learn Rust. And pronto!

Thread Thread
 
link2twenty profile image
Andrew Bone

homer gif

Collapse
 
mainarthur profile image
Arthur Kh

meme

Collapse
 
ben profile image
Ben Halpern

Lol

Collapse
 
rachelfazio profile image
Rachel Fazio

Love

Collapse
 
manchicken profile image
Mike Stemle

The White House should familiarize itself with the OWASP Top Ten.

Collapse
 
ben profile image
Ben Halpern

That’ll solve the problem

Collapse
 
manchicken profile image
Mike Stemle • Edited

It's just wild that the first major product of this commission is this. I know this won't be the only thing they'll release, but I have a lot of issues where people talk about memory safety like it's a silver bullet.

The problems with software quality which lead to security flaws are almost always attributed to folks not having process around development and quality which require folks take their time when writing code, and don't review or test their code for security.

I've been working in the industry for nearly 26 years, and I keep finding that organizations which have higher quality products have it because they intentionally built them to be high quality.

No amount of a memory-safe language is going to dig us out of a mess created by organizations which tell people to write code and fail to give them the time and tools to make sure their product is good.

Collapse
 
cicirello profile image
Vincent A. Cicirello

It might seem surprising to see this from the Whitehouse, but some months ago, the NSA and CISA along with their counterparts from other countries made this recommendation.

U.S. and International Partners Issue Recommendations to Secure Software Products Through Memory Safety > National Security Agency/Central Security Service > Press Release View

FORT MEADE, Md. - The National Security Agency (NSA) joins Cybersecurity and Infrastructure Security Agency (CISA) and U.S. and international partners in releasing ”The Case for Memory Safe Roadmaps”

nsa.gov
Collapse
 
daveparr profile image
Dave Parr

Fun that the govenrment choose to wiegh in on memory operations, but not more public accessible and tangible things like password reuse across multiple platforms and multi-factor authentication.

Collapse
 
daveparr profile image
Dave Parr

OK, immediately self-debunked my own statement: cbsnews.com/news/white-house-cyber...

TBF it was 8 years ago and in a country I'm not in.

Collapse
 
shobhitic profile image
Shobhit🎈✨

I hope it's not for ALL the software that anyone is producing 😅

Collapse
 
shricodev profile image
Shrijal Acharya

Rust time 😂

Collapse
 
vahidn profile image
Vahid Nasiri

Start learning C# :)

View full discussion (17 comments)

Some comments may only be visible to logged-in visitors. Sign in to view all comments.

Read next

jadijadi profile image

Unveiling the xz Utils Backdoor which deliberately opens our SSH connections for RCEs

Jadi -

mvaja13 profile image

CORS Error Explained and How to Fix It?

Gautam Vaja -

wiliamvj profile image

Preventing SQL Injection with Golang

Wiliam V. Joaquim -

sloan profile image

Sloan's Inbox: How do you ask for help?

Sloan the DEV Moderator -