[11152] in cryptography@c2.net mail archive
It's Time to Abandon Insecure Languages
daemon@ATHENA.MIT.EDU (James A. Donald)
Fri Jul 19 23:56:50 2002
From: "James A. Donald" <jamesd@echeque.com>
To: cryptography@wasabisystems.com
Date: Fri, 19 Jul 2002 17:12:08 -0700
--
On 19 Jul 2002 at 7:44, Andreas Bogk wrote:
> Actually, there are a couple of languages out there that beat=20
> C/C++ both in terms of efficiency *and* safety. The=20
> International Contest for Functional Programming has been won=20
> consistently by teams *not* using C/C++, and that's not because=20
> nobody tried.
I do not wish to start a language holy war, but I have full life=20
cycle experience in various projects in various languages, and my=20
experience was that if you use any language other than C/C++=20
ninety percent of the project goes much faster, and has far fewer=20
bugs than C++, and the remaining ten percent, which you have to=20
deliver in order to ship, involves a large number of horrible=20
hacks which effectively negate all the safety features of the=20
language and environment, take a very long time, and lead to all=20
sorts of problems.
> If we understand that C/C++ are bad languages, I think it's=20
> about time to question the justification of using operating=20
> systems written in these languages as well.
Why, I ask, is just about everything that large numbers of people=20
use written largely in these languages?
=46rom my experience, the answer would be that stuff written in=20
other languages was never ready to ship. It was always=20
"essentially complete", and "completed except for integration and=20
install issues", and "ninety nine percent complete", and "working,=20
bug free, and fully deliverable, but there are some matters that=20
have to be resolved before we deliver".
I used to think that a good compromise was to write the gui in=20
visual basic, (or these days in flash and html) and drop into C as=20
required to handle the internals. This does lead to a deliverable=20
product in a reasonable time -- but after delivery one still finds=20
oneself needing to rewrite stuff into C++ that was in visual basic=20
or flash script.
As a result of my full life cycle experience on a variety of=20
projects, I am coming back towards the view that one might as well=20
write the whole damn thing in C++, rather than discovering after=20
delivery what parts really should have been written in C++.
Of course that sounds much like the old fogy argument, that one=20
should write everything in assembler, because one needed to write=20
some things in assembler. As compilers improved, that argument=20
became obsolete.
Perhaps with C# and .net the old fogy argument for C++ has also=20
become untrue -- but it was still true pretty recently.=20
--digsig
James A. Donald
6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
YSrvoU0D3akuA2g2heOzqPt8gzWX6imCFjjDSDE4
2swXqrKC3hDGNG8gjjm9oIkzGoL63EAnI+jlRT98v
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
