As a software engineer, I never heard about that whitehouse press release regarding rust, c++ etc. But we just build web apps using PERN stack so probably not the target demo.
After a decade I have never even considered what the Whitehouse recommends. I also don't think many developers are gonna change because of it. 😂 Think of all the time you wasted debating what technology to use with your peers... hahahah
Don't worry. I'm a software engineer who uses c++ pretty exclusively. Everyone who programs with c++ didn't either, and on top of that most laughed when everyone I know heard of it. C++ hasn't been replaced after many decades, and isn't looking to change because the WH begs of it.
@@BeWhoYouWant2yeah. I'm not expecting hacker of the year, but she doesn't even give off script kiddie knowledge level. Hak 5 has some decent tools, but is this the best they could find? If I hadn't personally used their tools I wouldn't try them now.
Quantum encryption is the inevitable future of public key crypto. RSA and x25519 will be entirely ineffective against quantum computing eventually. It's important to move on from these protocols now, before they become ineffective to prevent harm in the future.
I can see the White House logic, but as a developer I can not agree. There is no language that can even come close to C++, it doesn't have any alternative. And remember any buffer overflow is a bug in the source code, so it's more important to just focus on code quality. I think the real answer is using memory safe APIs, but that is more difficult to do then switching the language. For example always using templates to deduce the array or buffer size is a good way to think about the problem, but only works with a C++ API and not with a C API
I teach Gov students and this is the first I heard of it and I try to stay abreast of ONCD. I do not think this is the most efficient method of spreading the word, but that's a constant challenge for them.
I have been recommending Rust for the last 5 years. Specifically , I was mapping CVE's to the program languages, versions, and libraries. This impacts included, user layer applications, operating systems, and protocol standards (ieee Ethernet, Bluetooth, near field, wifi, and much more.
Big fan of these eye-glasses because my daughter - who told me she "lost all respect of (me)" when I wore the same, says "they look good on her" without any irony. Really? Seriously, though, the grainy AND moving background on text-overs with outline font is quite distracting. No, I've never heard of any announcement from the White House regarding language - or software technique in general. Aren't there plenty of other government agencies who are more suited for such recommendations?
We knew lockbit wouldn't gone long, simply too few arrests for that. Those of us in the Security sphere have know about Rust for many years (look in any CISSP manual), but Devs don't care, and that's where the push needs to go. Oh a word to wise, NEVER announce that something is uncrackable. I remember as a nipper being told reversing a hash would take longer than the life time of the Universe... a couple years later my humble laptop could do just that in seconds. Point being, we can only keep kicking the crypto can down the road.
Is the specification (and reference implementation) for Apple's PQ3 protocol publicly available? If not, I'd count it as "security by obscurity" for now.
Please, it's not "the Ukraine". This has been a grammatical correction for over 5 years now and the error is very insulting to Ukrainians if you get it wrong. The article "the" denotes the noun is part of a larger system and denies independence. Ukraine was a part of the Soviet Union, that's when the term was correct. Ukraine has been independent for 30+ years and the only people using the definite article are those that use it to deny Ukraine's independence while it fights a genocidal war!
There is no chance I'm going recommend Rust as a programming language. I'll fire any Senior Developer that even mentions it. A Whitehouse recommendation just signed a death warrent on Rust. We are all wondering what vulnerabilities the NSA or CIA have slipped into Rust now?
Cracks me up about Rust as you can simply use unsafe as many apps have in the past and no different than C. Should we remove knives from households because you could hurt yourself or others or trust you to use the knife to prepare food?
kek, i write my software in the langauges i want, wether it be python or made up hyroglyphs as long as it does what it need to it nobody should even care
Gosh I hate to say it because she so new, but your kinda right. If this was the first time seeing this channel , that's what I would have thought. Ill cut her some slack, Ill just pay attention to the content......for now
@@coolergappney1943You can be heterosexual without seeming creepy. In fact, that’ll probably lead to not needing to be creepy on the internet because women may actually want to talk to you.
@@NinjaRunningWild Whatever you wanna believe white knight 🤣 if you honestly think commenting on youtube is going to pick you up a girlfriend then you probabaly have you're own issues to contend with before solicitng advice.
You should probably review this prior to posting. A little hard to listen to with so many mispronunciations. Not trying to be rude but you should know.
memory safe is great, but hardly addresses the actual problem, lacks or totally lacking network security and or any attempts at updating and maintaining 20-30 year old software stacks, it matters nought whether the industry in general starts shifting towards memory safe languages, or it the existing languages as they are are hardened in that regard, both are viable tracks towards increasing memory safety, and would not require software re-writes, only minor modifications and a re-compile. again, running a major software distribution ( download) outlet on a simple ftp server that had a very trivial password, anyone could perform a man in the middle attack on that, and inject any anything they want into that package, and that wasn't the weakest point in the chain. Running an outdated version of php , like why? memory safely doesn't even get to play here, if you don't keep your systems up to date. running ancient software on ancient windows to control critical infrastructure , yea, tell me about memory safety? update first, set your network security up properly, yada yada yada, nobody listens
Meanwhile the gov uses languages like ADA on it's own projects. I think rust shot itself in the foot when they went nuclear on their trademark crackdown. Unstable language, unstable management team. You might as well code in Java v.1, we know how secure that turned out to be. Personally I think all non-C languages should compile to C, and then compile to a specific platform. Only then can we see the unmade bed they call a "uniform". Or at least use a compiler we are familiar with and "t-rust"?