On 10/28/06, David Crocker <[EMAIL PROTECTED]> wrote: > Crispin Cowan wrote: > > >> > For me, the enemy in the room is C++. It gives you the safety of C with the > performance of SmallTalk. There is no excuse at all to be writing anything in > C++ yet vastly too many applications are written in C++ anyway. Instead of > trying to coax developers to switch from C++ to something "weird" like SML, > lets > encourage them to switch to Java or C#, which are closer to their experience. > << > > Unfortunately, there are at least two situations in which C++ is a more > suitable > alternative to Java and C#: > > - Where performance is critical. Run time of C# code (using the faster .NET > 2.0 > runtime) can be as much as double the run time of a C++ version of the same > algorithm. Try telling a large company that it must double the size of its > compute farms so you can switch to a "better" programming language!
Don't go there, sister. Come up with some reasonable tests before making a statement like that. "Assembly code can be as much as a million times faster then the run time of a C++ version of the same algorithm." Bit useless, isn't it? Lets not forget that writing faster/more optimised code in c++ will be more complex and hence allow room for more errors then letting the c#/java runtime optimiser do the dirty work for us. > However, I suspect that most security-critical programs do not fall into > either > of these categories, What? Cryptography rings a bell ... > so C# or Java would indeed be a better choice than C++ for > those programs. > > David Crocker, Escher Technologies Ltd. > Consultancy, contracting and tools for dependable software development > www.eschertech.com -- mic _______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php
