It's Time to Abandon Insecure Languages

James A. Donald jamesd at echeque.com
Fri Jul 19 20:12:08 EDT 2002 

    --
On 19 Jul 2002 at 7:44, Andreas Bogk wrote:
> Actually, there are a couple of languages out there that beat 
> C/C++ both in terms of efficiency *and* safety.  The 
> International Contest for Functional Programming has been won 
> consistently by teams *not* using C/C++, and that's not because 
> nobody tried.

I do not wish to start a language holy war, but I have full life 
cycle experience in various projects in various languages, and my 
experience was that if you use any language other than C/C++ 
ninety percent of the project goes much faster, and has far fewer 
bugs than C++, and the remaining ten percent, which you have to 
deliver in order to ship, involves a large number of horrible 
hacks which effectively negate all the safety features of the 
language and environment, take a very long time, and lead to all 
sorts of problems.

> If we understand that C/C++ are bad languages, I think it's 
> about time to question the justification of using operating 
> systems written in these languages as well.

Why, I ask, is just about everything that large numbers of people 
use written largely in these languages?

From my experience, the answer would be that stuff written in 
other languages was never ready to ship.  It was always 
"essentially complete", and "completed except for integration and 
install issues", and "ninety nine percent complete", and "working, 
bug free, and fully deliverable, but there are some matters that 
have to be resolved before we deliver".

I used to think that a good compromise was to write the gui in 
visual basic, (or these days in flash and html) and drop into C as 
required to handle the internals.  This does lead to a deliverable 
product in a reasonable time -- but after delivery one still finds 
oneself needing to rewrite stuff into C++ that was in visual basic 
or flash script.

As a result of my full life cycle experience on a variety of 
projects, I am coming back towards the view that one might as well 
write the whole damn thing in C++, rather than discovering after 
delivery what parts really should have been written in C++.

Of course that sounds much like the old fogy argument, that one 
should write everything in assembler, because one needed to write 
some things in assembler.  As compilers improved, that argument 
became obsolete.

Perhaps with C# and .net the old fogy argument for C++ has also 
become untrue -- but it was still true pretty recently. 

    --digsig
         James A. Donald
     6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
     YSrvoU0D3akuA2g2heOzqPt8gzWX6imCFjjDSDE4
     2swXqrKC3hDGNG8gjjm9oIkzGoL63EAnI+jlRT98v


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com

More information about the cryptography mailing list