Re: [Mono-list] Philosophical Question - Why .NET on UNIX?

[mike montagne]

Hi, Alan. No problem with the inline comments. I'm going to do the same with my response. Alan McGovern wrote: Hi, I've left some comments inline. Also, sorry about the double email, forgot to CC the list first. In other words, I have thought from the beginning that the Microsoft philosophy is wrong. In fact knowing the weakness of accommodating unknown, interoperable objects well has permitted me on several systems to survive -- without ever deploying anti-viral ware -- literally probably more than a million Windows viruses, with none ever unleashing. The trick to this has been wholly disabling ActiveX -- whereas Microsoft's interests in .Net are making that more impossible every day. But .NET has built in security measures which prevent malware of any kind from taking over your system. Silverlight, the new browser plugin, contains a new simplified security system which makes it very difficult for anything to overtly install itself. You can't even access a file on the hardrive without going through a trusted path which (i believe) means popping up a file selection dialog for the user to select the file in. I don't buy the purported security of .Net, not at least as proposed by Microsoft. As for MONO, I cannot testify, but regarding Win.Net, here goes... One obvious security vulnerability (assumably of all .Net implementations, because all implementations generate IL), is that the very IL will regularly pave the way to security breaches. Likewise, IL makes it very difficult if not impractical to protect intellectual property. An example of the former for instance would be an enterprise application submitting password access for whatever purpose. Even if encryption libraries are called, if the IL falls into the wrong hands, the data processed by IL calls into encryption libraries make it a relatively easy matter to break the ostensible security of the system. The .Net environment imposes relatively basic security measures. Yet keys can be stolen, signatures can be impersonated, new assemblies can be distributed to impersonate others... etc.. I don't think any .Net engineer claims the security is invulnerable to a variety of possible schemes. I don't believe it can be truly said that malware of any kind, or even flaws of any kind, are wholly obstructed from affecting our systems. The best applications I use have rarely been updated. They sit behind a firewall. I fully trust them because any problems would be adverse to the purposes of the vendor, and because the integrity of the applications is a long proven matter. I don't see how you can better, more practical security than that. My Firefox installations for instance are always configured not to run _javascript_. Even as I occasionally approve some _javascript_ manually, I regularly object to much of its usage. It's plain unnecessary. But it is others' business if they do these things, and I do expect browsers to remain available which continue to provide means of eliminating potentially unwanted executability of any kind. Lots of things are unneccessary. Coloured text is unneccesary. Hyperlinks are unneccessary. Colour images on web pages are unnecessary. However all three are very useful. None of these require _javascript_. Reliance [even] on _javascript_ renders the site dysfunctional if the visitor is running tight security to protect themselves from the probable dangers we are aware of. Even privacy is a worthy reason to disable _javascript_. The person who deploys [even] _javascript_ therefore risks or causes the dysfunctionality of their content in so many browser configurations. A good example of the consequences is the imperative disabling of ActiveX. Even out of the box, Internet Explorer regularly fails to render content or processes on Microsoft sites. Crank up the security to where you should really have it, and good luck.   I have found particularly that even relatively straightforward graphics processes are extremely poorly performant compared to the tools I recently left behind. I hope you weren't accessing the pixels one by one using GetPixel and SetPixel. They are known to be very slow and are the reason why the unsafe LockBits() method is offered which allows you to directly access the bytes of the image and write c-style code which is every bit as fast (or at least has the potential to be). GetPixel() and SetPixel() have to be used for some purposes, but so far I have never had to use them in performance critical code. Unsafe code is another thing to stay away from however if end users are to enforce in-house restrictions based on security claims made for .Net. Theoretically however, the C# (reference/handle based) approach is an equally advantageous way of building applications, if compiled into native executables. C# is compiled into a native executable when it is launched. There are also tools out there which generate native executables from CIL code. Sometimes these tools generate code that runs slower than if the code were just JIT'ed. So technically speaking, CIL code *always* runs "natively" on your platform of choice. By "natively" (in the .Net sense), you mean the code runs in an environment which relates to the native system. IL *does not* compile into native calls of the OS. .Net implementations on Windows are far slower than their native-compiled counterparts. Some claims are made that .Net math operations are something like 80% as fast as native operations, but these claimed cases are only possible if no boxing or unboxing are involved. Still, that's a substantial performance disadvantage. But if of course any boxing or unboxing are required, then of course the disparities are going to be huge. This nonetheless is in regard just to math operations. Graphics processes and IO can be orders of magnitude slower. There are net BrowseForFolder dialogs in Visual Studio which, on my brand new Vista system, take 9 seconds to display file content. This is a huge delay, and something I certainly would never care to suffer in my own applications. The early days of Delphi 1 had dialogs which were instantaneous on Win95. So many years and orders of hardware efficiency later, to suffer these delays is to me, incredible. As a result, i don't think your proposition has actually proposed *anything* that mono doesn't already do. Unless of course you were actually proposing that the whole Mono framework is rewritten in C or C++ or whatever non-CIL language of your choice and a thin c# wrapper is placed over that to provide interoperability with existing .NET libraries. If that's what you're suggesting, you obviously have completely missed the benefits gained when writing in a managed language. Well thanks for the tip, but imho, "managed" is quite an overstated virtue or advantage. Few C# developers probably truly know for instance what the best way is to implement dispose patterns. There is conflicting information on it. Visual Studio doesn't agree with Richter. Richter doesn't agree with another source I rely on. Then again, how many can expertly reply when and how to implement finalize? What was the ostensible technical challenge implementing Free or FreeAndNil in C++Builder or Delphi? There was no challenge or mystery when and how to use them. When you freed an object the memory was instantly available to other processes. FreeAndNil obviously freed the memory and wrote null/nil to it. When you wrote an aggregate component/class, you routinely moved to your destructor and freed subcomponents in the reverse order you created them. These things were routine. What is the ostensible advantage of ForEach? Underneath your call to ForEach is an iterative process which has to make the well known, routine call to iterate count minus 1. The same thing has to be done. There's nothing managed for you at this level. If the count changes before iteration is complete, the only thing you can hope to account for that is the compiler -- and I think it should be clear that isn't necessarily anything that the compiler should assume. If this can happen in your case, it is your responsibility to anticipate that and use an appropriate structure. Now, if you're trying to tell me MONO runs as fast as Cocoa on OS X, I can be made a believer of that part of your assertion. "Managed" code little convenience -- but in many cases it certainly is one. In the case of dispose or finalize patterns, ambiguities can lead to further problems, and incomplete familiarity with these ambiguities can lead to inferior design and poor performance. If we have to breech the barriers of ostensibly "safe" code to *hope* to achieve ostensibly comparable speed, hardly is it the case then that .Net delivers what I consider to be acceptable performance. Your remarks about GetPixel() and SetPixel(), I take to be agreement. As to your final remarks, you do not understand me. Assemblies call into .Net libraries. What I am proposing is to map those calls into libraries supporting the .Net calls, but compile the output into native calls into the operating system -- using native OS dialogs, whatever. Unless GetPixel() and SetPixel() deliver that kind of performance and potential security, certainly this is *not* something .Net provides. If that's the case, it makes alternatives the only option if performance matters. I won't have my users waiting 9 seconds for a BrowseForFolder or BrowseForFile dialog to display content. I would even anticipate getting support calls for that. Regards, mike Alan.

_______________________________________________
Mono-list maillist  -  Mono-list@lists.ximian.com
http://lists.ximian.com/mailman/listinfo/mono-list