On Tuesday, 18 November 2014 at 12:18:16 UTC, Ola Fosheim Grøstad
wrote:
On Tuesday, 18 November 2014 at 08:28:19 UTC, Paulo Pinto
wrote:
This is just one case, the CVE List gets updated every day and
90% of the issues are the usual C suspects regarding pointer
misuse and out of bounds.
Sure, but these are not a strict language issues since the same
developers would turn off bounds-checking at the first
opportunity anyway!
Professionalism does not involve blaming the tool, it involves
picking the right tools and process for the task. Unfortunately
the IT industry has over time suffered from a lack of formal
education and immature markets. Software is considered to work
when it crash only once every 24 hours, we would not accept
that from any other utility?
I've never heard anyone in academia claim that C is anything
more than a small step up from assembler (i.e. low level), so
why allow intermediate skilled programmers to write C code if
you for the same application would not allow an excellent
programmer to write the same program in assembly (about the
same risk of having a crash). People get what they deserve.
Never blame the tool for bad management. You get to pick the
tool and the process, right? Neither the tool or testing will
ensure correct behaviour on its own. You have many factors that
need to play together (mindset, process and the tool set).
If you want a compiler that works, you're probably better off
writing it in ML than in C, but people implement it in C. Why?
Because they FEEL like it… It is not rational. It is emotional.
There are good answer to most of this but most importantly, this
do not contain anything actionable and is completely off topic(
reminder, the topic of the thread is SCOPE ).
Reader's time is precious, please don't waste it.
