[Cryptography] Subject: Re: Swift and cryptography
Arnold Reinhold
agr at me.com
Tue Jun 10 14:25:47 EDT 2014
On Mon, 09 Jun 2014 17:14 Nemo <nemo at self-evident.org> wrote:
> "What we need most, at this juncture, is another programming language"
>
> ...said nobody over the age of 30, ever.
Apple has 9 million registered developers (who pay $99/yr for the privilege), many over 30, and the general reaction to Swift has been quite positive, if not ecstatic. Unlike most new languages, even ones that get glowing reviews, Swift is guaranteed get a lot use from the get go and a vast amount of software, used daily by hundreds of millions of people, will be written in it over the coming decade.
> ...
>> Swift also allows types to have properties, and the properties 'min'
>> and 'max' are defined in Swift for all integer types, e.g. UInt8.max,
>> which is 255.
>
> Awesome! If only the C++ committee had thought of this and incorporated
> it into the ISO standard back in 1998.
>
> Oh wait, they did:
>
> // Initialize n to 255.
> int n = std::numeric_limits<uint8_t>::max();
>
That is exactly the syntax bear was complaining about. Not very easy to remember compared to:
n = UInt8.max
Checks that are hard to implement are more likely to get left out. And what happens if I define a new type whose underlying data is an int? And how do I write a generic function that checks for potential overflow? It seems straightforward the way Swift implements type properties. I'm not enough of an expert on C++ to say it can't be done, but I'd be curious to know how.
>
>
>> One area that comes to mind is some way to erase data that is
>> guaranteed not be removed by the optimizer.
>
> Formally meaningless. Optimizers do not "remove" anything; they
> transform code into semantically equivalent code, where "semantically
> equivalent" is defined by the language specification. Concepts outside
> of the language -- like "leaking data to the operating system" -- do not
> generally appear in the language spec, and for good reason.
>
> "Guaranteed erasing of data" is and always will be a platform-specific
> concept, regardless of language.
>
That doesn't make it any less important for security. And Apple controls its platforms.
Arnold Reinhold
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20140610/93fd144e/attachment.html>
More information about the cryptography
mailing list