Path: csiph.com!news.mixmin.net!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail From: Thiago Adams Newsgroups: comp.lang.c++,comp.lang.c Subject: Re: "White House to Developers: Using C or C++ Invites Cybersecurity Risks" Date: Tue, 12 Mar 2024 15:54:21 -0300 Organization: A noiseless patient Spider Lines: 27 Message-ID: References: MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit Injection-Info: dont-email.me; posting-host="713f1c401e6d48d953031393ec49325f"; logging-data="483642"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/2+vXfvG6N1YT7FKwUO2tSQ34TI3U86TY=" User-Agent: Mozilla Thunderbird Cancel-Lock: sha1:R4M5wxKaiLuHJOAD/BShIu3m0zk= In-Reply-To: Content-Language: en-US Xref: csiph.com comp.lang.c++:118512 comp.lang.c:383556 On 06/03/2024 04:43, Mr. Man-wai Chang wrote: > On 5/3/2024 9:51 pm, Mr. Man-wai Chang wrote: >> On 3/3/2024 7:13 am, Lynn McGuire wrote: >>> >>> "The Biden administration backs a switch to more memory-safe programming >>> languages. The tech industry sees their point, but it won't be easy." >>> >>> No.  The feddies want to regulate software development very much.  They >>> have been talking about it for at least 20 years now.  This is a very >>> bad thing. >> >> A responsible, good progreammer or a better C/C++ pre-processor can >> avoid a lot of problems!! > > Or maybe A.I.-assisted code analyzer?? But there are still blind spots... I think AI could be used and give goods result but it is not ideal. The advantage of AI it could understand patterns. Like the names init and destroy could work as tips or patterns. However, I think programming needs a formal language for contracts and the static analysis needs to check them. Also ideally is better contracts for the interface rather having to see the body of the functions.