Improving C++ – Schneier on Security

2 months ago AndyC

Improving C++
C++ guru Herb Sutter writes about how we can improve the programming language for better security.

Improving C++

C++ guru Herb Sutter writes about how we can improve the programming language for better security.

The immediate problem “is” that it’s Too Easy By Default™ to write security and safety vulnerabilities in C++ that would have been caught by stricter enforcement of known rules for type, bounds, initialization, and lifetime language safety.

His conclusion:

We need to improve software security and software safety across the industry, especially by improving programming language safety in C and C++, and in C++ a 98% improvement in the four most common problem areas is achievable in the medium term. But if we focus on programming language safety alone, we may find ourselves fighting yesterday’s war and missing larger past and future security dangers that affect software written in any language.

Tags: ,

Sidebar photo of Bruce Schneier by Joe MacInnis.

About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts

Tags: , , , , , , , , , , ,

More Stories

Finland authorities warn of Android malware campaign targeting bank users

Finland authorities warn of Android malware campaign targeting bank users

6 hours ago AndyC
Law enforcement seized Lockbit group's website again

Law enforcement seized Lockbit group’s website again

12 hours ago AndyC
NATO and the EU formally condemned APT28 cyber espionage

NATO and the EU formally condemned APT28 cyber espionage

18 hours ago AndyC
Security Affairs newsletter Round 470 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs newsletter Round 470 by Pierluigi Paganini – INTERNATIONAL EDITION

24 hours ago AndyC
GenAI Continues to Dominate CIO and CISO Conversations

GenAI Continues to Dominate CIO and CISO Conversations

24 hours ago AndyC
Blackbasta gang Synlab Italia attack

Blackbasta gang Synlab Italia attack

2 days ago AndyC

You may have missed

Atos receives four offers of help

Atos receives four offers of help

3 mins ago AndyC
China-Linked Hackers Suspected in ArcaneDoor Cyberattacks Targeting Network Devices

China-Linked Hackers Suspected in ArcaneDoor Cyberattacks Targeting Network Devices

3 mins ago AndyC
It Costs How Much?!? The Financial Pitfalls of Cyberattacks on SMBs

It Costs How Much?!? The Financial Pitfalls of Cyberattacks on SMBs

3 mins ago AndyC
Xiaomi Android Devices Hit by Multiple Flaws Across Apps and System Components

Xiaomi Android Devices Hit by Multiple Flaws Across Apps and System Components

4 mins ago AndyC
New 'Cuckoo' Persistent macOS Spyware Targeting Intel and Arm Macs

New ‘Cuckoo’ Persistent macOS Spyware Targeting Intel and Arm Macs

4 mins ago AndyC

Subscribe To InfoSec Today News

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

World Wide Crypto will use the information you provide on this form to be in touch with you and to provide updates and marketing.