Home The NSA list of memory-safe programming languages has been updated

The NSA list of memory-safe programming languages has been updated

The US government says it would be better for them if you ceased using C or C++ when programming tools. In a recent report, the White House Office of the National Cyber Director (ONCD) has urged developers to utilize “memory-safe programming languages,” a classification that does not include widely used languages. The recommendation is a step toward “securing the building blocks of cyberspace” and is a component of US President Biden’s cybersecurity plan.

Memory-safety is the defense against flaws and vulnerabilities related to memory access. Examples of this include dangling pointers and buffer overflows. Java’s runtime fault detection checks make it a memory-safe language. Nonetheless, unconstrained pointer arithmetic with direct memory addresses and without bounds checking is supported by both C and C++.

In no particular order, the NSA suggests these memory-safe programming languages

  • Go
  • Rust
  • C#
  • Swift
  • Java
  • Ruby
  • Python
  • Delphi/Object Pascal
  • Ada

According to a 2019 analysis by Microsoft security engineers, memory safety problems were the root cause of almost 70% of security vulnerabilities. In 2020, Google released a similar figure, although this time it was for Chromium browser issues.

The extensive report says, “Experts have identified a few programming languages that both lack traits associated with memory safety and also have high proliferation across critical systems, such as C and C++.”  And the report continues, “Choosing to use memory safe programming languages at the outset, as recommended by the Cybersecurity and Infrastructure Security Agency’s (CISA) Open-Source Software Security Roadmap is one example of developing software in a secure-by-design manner.”

The 19-page report aims to ensure that small organizations and individuals are not the only ones responsible for cybersecurity. Instead, the onus is on bigger institutions, digital businesses, and ultimately the government. The report seeks to detail what is considered “unsafe” programming languages, namely the use of C and C++.  The Microsoft report says, “We’re not here to debate the pros and cons of programming languages, but it is interesting to see that the report does not suggest a specific language in their place. We are told that there are “dozens of memory-safe programming languages that can — and should — be used.”

Additionally, the paper recommends improving software security metrics. According to ONCD, better measurements let technology providers plan, predict, and address risks before they become an issue.

Featured Image Credit: Paul Buijs; Pexels

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the gambling and blockchain industries for major developments, new product and brand launches, game releases and other newsworthy events. Editors assign relevant stories to in-house staff writers with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

Deanna was an editor at ReadWrite until early 2024. Previously she worked as the Editor in Chief for Startup Grind, Editor in Chief for Calendar, editor at Entrepreneur media, and has over 20+ years of experience in content management and content development.

Get the biggest iGaming headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Gambling News

    Explore the latest in online gambling with our curated updates. We cut through the noise to deliver concise, relevant insights, keeping you informed about the ever-changing world of iGaming and its most important trends.

    In-Depth Strategy Guides

    Elevate your game with tailored strategies for sports betting, table games, slots, and poker. Learn how to maximize bonuses, refine your tactics, and boost your chances to beat the house.

    Unbiased Expert Reviews

    Honest and transparent reviews of sportsbooks, casinos and poker rooms crafted through industry expertise and in-depth analysis. Delve into intricacies, get the best bonus deals, and stay ahead with our trustworthy guides.