On Sun, Dec 23, 2007 at 09:12:53AM +0100, Rico Secada wrote:
> On Sun, 23 Dec 2007 01:06:39 -0600
> "David Higgs" <[EMAIL PROTECTED]> wrote:
> 
> > On Dec 22, 2007 5:53 PM, Rico Secada <[EMAIL PROTECTED]> wrote:
> > 
> > > It is my understanding that C is the hacker's tool while Ada is the
> > > tool of the engineer. I think it is mostly because of tradition.
> > 
> > Your understanding is wrong.  I suspect that many professional
> > engineers using C (and/or other languages) would strongly disagree
> > with your offhand characterization.
> 
> And yet many would agree.

Show me the code.  No really, show it to us.

>  
> > > You find Ada in almost all of Boeing's airplanes, and in most industry
> > > critical systems. Ada was written with compile time protection
> > > against bugs such as buffer-overflows and so on.
> > 
> > Didn't I read a Slashdot article about the NYSE going to Linux?  What
> > language is medical software written in?  What about the competing
> > companies that aren't using Ada?  How does their track record of
> > software faults compare?
> 
> Let's address your question here:
> http://www.adacore.com/home/ada_answers/lookwho

Yay marketing fodder.  I am sure lots of Fortune 500 companies use Java
and C++ too; doesn't make it a good idea.  They are still stupid and bad
languages that are costing you and me something (slow cell phones, mgmt
interfaces that only work in IE, etc).

>  
> > Compile time protection isn't worth the time it takes to run them if
> > your specification has flaws, your code doesn't match the spec, or the
> > compiler has errors.  There are MANY other types of errors that can
> > never be caught at compile-time.  Just because these errors SHOULD be
> > accounted for in the program's spec doesn't mean that they WILL be.
> 
> No but it sure makes a big difference, or maybe Airbus, Boeing, EADS and
> BAE Systems are wrong on their choice?

Good for them.  They made a choice that met THEIR needs.

>  
> > > But like many have stated, what makes programs good and secure is the
> > > programmer, but IMHO the tools and languages are important too.
> > >
> > > You cannot use something like C in a really security demanding
> > > situation, and here I think about humans lives, like in spacecrafts.
> > 
> > Completely false.  You can use any tool you want with an appropriate
> > model of the system; this includes your tools and code.  The software
> > for the original US moon missions was written in assembly code;
> > portions may still be in use today because of its extreme reliability.
> 
> Did you post a list somewhere or did I miss it? Of course you can use
> any tool you want, but that's not the point. Let me rephrase what I
> wrote: you can use any tool you want, but you should not use something
> like C if your life depends on it. Again let's ask Boeing.

Give me a language and I'll show you how to crash a program written in
it.  It isn't too hard to overrun a buffer in any language.

Here is a constant: your code is as bad as the developer.

> 
> > > A simple buffer overflow might crash the plane, and you have to have
> > > some ways of eliminating that completely. That is why Ada was
> > > designed the way it was. You can read about the history of Ada on
> > > Wikipedia.
> > >
> > > Why so much is written in C on Unix-like systems, I think it's mainly
> > > tradition. IMO Ada would be much better from a security point of
> > > view.
> > 
> > Your opinion means nothing without code.  Even with code, the OpenBSD
> > project likely won't care anyways.  You are barking up the wrong tree.
> 
> I am not barking at OpenBSD. 

You are talking about a language that has no relevance to the OpenBSD
OS.  Yes you are barking up the wrong tree.  I am sure other language
people would like to discuss the theoretical merit of languages,
elsewhere!

> 
> > > I agree that it would be better if OpenBSD or any other system for
> > > that matter was written in Ada rather than C, and they could just
> > > as well, but re-writing something as huge as OpenBSD is a MAJOR
> > > task, and what would the real benefits be in this situation?
> > >
> > > The OpenBSD team knows exactly what they are doing hence the extra
> > > security of Ada becomes almost un-necessary, but again I agree, had
> > > OpenBSD been in Ada from day one, that would save them a LOT of
> > > time! Bugs would be caught on compile time and bad-coding would
> > > almost be eliminated.
> > 
> > Go back to Wikipedia.  OpenBSD was a fork and essentially worked from
> > day one.  However, as you say, rewriting something as big as OpenBSD
> > is a MAJOR task in the timeframe of years or decades.  Instead of
> > improving security in a known system, all those years would be
> > "wasted" reinventing the wheel and playing catch-up with the
> > pre-existing feature set of modern operating systems.
> 
> Yes you are right.
> 
> > Your insistence on equating compile-time checks with secure
> > programming is incorrect, and indicates your inexperience in secure
> > programming.  Academic questions like this should be googled or asked
> > on comp.lang.ada.
> 
> I did not equate compile-time checks with secure programming. Like I
> wrote: "But like many have stated, what makes programs good and secure
> is the programmer, but IMHO the tools and languages are important too."

If you are flying to Mars your engineers better know their damn language
inside out, up, down and sideways.  At that point it does not matter
what it is.  Good example is the Mars rover Spirit that pooped itself
due to a bad memory module and worse, some bad assumption in the code
that detected it.  OMG the language didn't matter.  Who would have thunk
that?

> 
> Combining the two surely doesn't hurt. No matter how skillful you are
> at programming securely, you are going to fail sooner or later in
> catching a bug, and having the compiler "save" you from that is like
> having an airbag on your car. The driver still has to know how to drive,
> but having a safe car doesn't decrease the risk!

There is always a trade-off.  There is no free lunch with code.  You
always pay in performance and flexibility (can anyone say Java?).

I am sure Ada is a fine language for its purpose.  I am sure C is a fine
language for OpenBSD.

I even found a use for C++!  Encapsulating the Win32 API using Borland
VCL makes it almost useful and a whole lot less painful.  That's about as
good as I have seen C++ be; everything else is downhill.  I won't even
mention Java (let's call it duh'va).

> 
> > Good luck.
> > 
> > --david
