In terms of security across the network (intra and internet), which programming language do you think the most secure, but at the sametime simplify our development effort and doesn't compromise in its speed of execution (the speed should be acceptable in a contemporary x86 machine). Thx
Posted on 2004-05-28 03:10:23 by Pinczakko
I guess then you're talking about things like .NET/Java.
Their automated memory-management and sandbox-architecture mean that it's impossible to have buffer overflows and impossible for a program to access things that the user doesn't want.
On top of that, they are not Von Neumann-architectures, so it is not possible put code on the stack and execute it.
Posted on 2004-05-28 03:18:30 by Scali
I think there is no such a thing as the most secure programming language because of the human nature.
Posted on 2004-05-28 05:08:39 by Vortex

I guess then you're talking about things like .NET/Java.
Their automated memory-management and sandbox-architecture mean that it's impossible to have buffer overflows and impossible for a program to access things that the user doesn't want.
On top of that, they are not Von Neumann-architectures, so it is not possible put code on the stack and execute it.

you're very good at this. All I know so far about .NET/JAVA is their garbage collector and some stuff about their virtual machines. I'll look up the sandboxing technique though. I agree that both of them are not vurnerable to buffer flow attack, but I think sooner or later there will be a security hole on those system too, for the time being, they practically can be called secure. The catch is they are both resource hungry :(.
Posted on 2004-05-28 08:13:27 by Pinczakko
I guess what Vortex tried to say is that as long as humans make programming languages/environments, bugs can happen, and security can be flawed.
They may be more resource-hungry, but then again, so are multitasking systems. Eventually systems become so powerful that the extra overhead can be sacrificed for the advantages that are offered. With decent code you can get very good results already. Not everything has to run at 100% efficiency anyway :)
Posted on 2004-05-28 08:36:59 by Scali
Hi Scali,

Yes, that was just what I wanted to say, you are right.
In other words:
Errarum human est
Posted on 2004-05-28 14:51:34 by Vortex