US President Joe Biden has called for programmers and software developers to move away from programming languages such as C and C++, which are not considered to be “memory safe”. The White House Office of the National Cyber Director argues that by doing so, developers would be able to substantially reduce vulnerabilities, in turn reducing the possibility of cyber attacks and other malicious acts.
This is not the first time that such a measure and shift has been suggested. Back in December 2023, several agencies from several countries including the US, UK and Canada, amongst others, have jointly promoted the use of memory safe programming languages.
Despite the security advantages in undertaking such a shift, there are many reasons why this may not be the most feasible. It should absolutely be noted that these languages have numerous benefits, including execution speed, low level access to hardware, rich ecosystems, etc.
Another reason for the lack of feasibility is that, C and C++ are two hugely important, significant and widely used languages which are extensively used in various important industries including scientific, defence, financial and more. The fact that the code is this widespread presents a significant challenge to moving away, as these systems need to be maintained and future code still needs to be compatible. Rewriting codebases to other languages is also a hugely complex and time consuming undertaking.
Overall, while there are reasons that this is not exactly the best course of action, the fact that several agencies are recommending this course of action could show that there is a potential cultural shift. It is still something that is worth keeping an eye out for.