Published in News

NSA wants companies to move to memory safe languages

by on11 November 2022


C#, Go, Java, Ruby, or Swift never forget 

The National Security Agency (NSA) wants people to move to memory safe programming languages such as C#, Go, Java, Ruby, or Swift.

In its "Software Memory Safety" Cybersecurity Information Sheet the NSA  says that malicious cyber actors can exploit poor memory management issues to access sensitive information, promulgate unauthorized code execution, and cause other negative impacts.

Cybersecurity Technical Director Neal Ziring said: "Memory management issues have been exploited for decades and are still entirely too common today. We have to consistently use memory safe languages and other protections when developing software to eliminate these weaknesses from malicious cyber actors."

Microsoft and Google have each stated that software memory safety issues are behind around 70 percent of their vulnerabilities. Poor memory management can lead to technical issues as well, such as incorrect program results, degradation of the program's performance over time, and program crashes.

The NSA recommends that organisations use memory safe languages when possible and bolster protection through code-hardening defenses such as compiler options, tool options, and operating system configurations.

 

Last modified on 11 November 2022
Rate this item
(2 votes)

Read more about: