The US government wants companies to stop using C and C++ because they are unsafe


  • US government agencies are speaking out about memory-insecure languages
  • C/C++ pose a “risk to national security”, the economy, public health and safety
  • Developers working with critical infrastructure are advised to follow further guidance

The US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have advised companies not to use the popular programming languages ​​C and C++ due to security concerns.

The joint reportTitled “Product Security Bad Practices,” it is part of CISA’s “Secure by Design” initiative and hopes to steer software manufacturers away from risky practices when creating products for critical infrastructure.