> eWEEK July 8, 2002 > It's Time to Abandon Insecure Languages > The security of the internet took a one-two combo to the gut ...
Ugh, looks like the English language did too. :-) > These holes > demonstrate that we must switch to writing security-sensitive code in > managed environments, like the Java virtual machine or .Net run-time, that > continually enforce code/data distinctions. This is nonsense, you don't need a managed environment to get type safety. Pascal was being compiled ahead of time for years before Java was ever thought of. (You can break type safety in Pascal, but you have to make an effort.) If you want totally type safe languages that use ahead of time compilation, look at Eiffel, Sather, the Bigloo Scheme compiler, and so on. Also don't forget gcj, which does ahead of time compilation for Java with the same type checking that you get in the "managed environment". > We have to get over the bias that there's something dishonorable about > choosing languages that prize safety over pure efficiency. This I can agree with. On the other hand I don't see Java as a language that emphasises safety. It may have type checking, but it has inherited a lot of obscure syntax from C. Remember, we aren't just interested in avoiding type errors. We have to reduce the overall bug counts, because there are plenty of security holes that don't result from typing problems. It would be better to look at Eiffel (or Ada if you really must, but personally I don't like it). Eiffel has a Pascal-like syntax which is more verbose than Java, but more readable. You have to type a bit more, but you don't waste hours debugging because you wrote "=" instead of "==". It has a few other special features to help you write bug free code. For example statement blocks can be annotated with conditions that are supposed to be true on entry and exit. This is supposed to enforce a "programming by contract" mentality. Perl-style tainting would be an interesting thing to add to another language. IMHO, Perl is not a good safe language because its syntax is even more obscure than C's. (It does have the advantage of being almost completely type safe though.) Tainting is a good security measure, though, which would be good in a language like Eiffel. -- Pete --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
