"Memory-Safe Programming Languages Are on the Rise. Here's How Developers Should Respond"
According to a study by Consumer Reports, developers in the private and public sectors should commit to using memory-safe languages for new products and tools. They are also urged to identify the most critical libraries and packages to move to memory-safe languages. The US nonprofit known for evaluating consumer products investigated what actions can be taken to promote memory-safe programming languages, such as Rust, over C and C++. Consumer Reports wants to address industry-wide problems that cannot be resolved through user behavior or consumer choice, citing memory unsafety as one of the issues. The report titled "Future of Memory Safety" delves into various memory-related issues, such as the difficulties in promoting memory-safe language adoption in universities, the levels of distrust for memory-safe languages, the introduction of memory-safe languages to code bases written in other languages, as well as incentives and public accountability. In 2019, Microsoft disclosed that 70 percent of the security flaws it had addressed over the previous 12 years were memory-safety vulnerabilities. The percentage was high because Windows was mostly written in C and C++. Since then, the National Security Agency (NSA) has advised developers to move from using C++ towards C#, Java, Ruby, Rust, and Swift. This article continues to discuss key findings and points made in the Consumer Reports study on memory safety.