On Tue, 24 Oct 2006, Crispin Cowan wrote:
> Sure, there are likely to be ways in which SML is better than C# or
> Java. However, in security, the perfect is all to often the enemy of the
> good-enough. The big community hears security people talk about the high
> security approach that security geeks really want, consider the costs,
> and go back to doing things the old way, and ignore the security people.
> If security people instead pitch something that is feasible and makes
> the situation better, instead of asking for the moon, we will make more
> progress.
>
> Crispin
(not directed at you, Crispin)
So, "dump C", "Use SML", "What secure coding classes are you doing?" and
"we are already doing it!!" are the responses I got when I started this
thread.
Can someone mention again why re-writing the main often-used and probably
less than 3 mostly-used basic programming books is a bad idea?
All of us will still have a job in 5 years if we do this, even in 25. I
promise.
Gadi.
_______________________________________________
Secure Coding mailing list (SC-L)
SC-L@securecoding.org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
