C++ can be written to be safe. I don’t think WH is the right authority to issue this warning. Naming C++ rather than going after specific features is unfair.
I suspect that the white house just received a report from some people in the industry stating that faulty software is vulnerable to attacks from bad actors, and from that basis they just went the simplistic path of arguing that 1) lots of software is written in C++, 2) that software has bugs, therefore if we don’t use C++ then we won’t have bugs.
As a branch of government, their role is not to evaluate technical merits of proposals but to hear what their representatives have to say.
One of their sources is the NSA, which is both mandated to make such recommendations and has the competence to do so. And as for the safety of C++, it’s possible to write unsafe code in modern C++. One of the best examples is multithreaded code. Modern C++ is far safer than C or pre-C++11, but it doesn’t address the entire space of memory safety.
I suspect that the white house just received a report from some people in the industry stating that faulty software is vulnerable to attacks from bad actors, and from that basis they just went the simplistic path of arguing that 1) lots of software is written in C++, 2) that software has bugs, therefore if we don’t use C++ then we won’t have bugs.
As a branch of government, their role is not to evaluate technical merits of proposals but to hear what their representatives have to say.
One of their sources is the NSA, which is both mandated to make such recommendations and has the competence to do so. And as for the safety of C++, it’s possible to write unsafe code in modern C++. One of the best examples is multithreaded code. Modern C++ is far safer than C or pre-C++11, but it doesn’t address the entire space of memory safety.