At 11:42 AM -0400 3/25/09, Gary McGraw wrote:

> The code/data mix is certainly a problem. Also a problem
> is the way stacks grow on many particular machines, especially
> with common C/C++ compilers. You noted a Burroughs where
> things were done better. There are many others. C is
> usually just a sloppy mess by default.
>
> Language choice can sometimes make up for bad machine
> architecture, but ultimately at some level of computational
> abstraction they come to be the same thing. You may recall
> that I am a scheme guy. TI made a scheme machine that never
> caught on some years back (around the same time as the LISP
> machine...like emacs only even more bindings at least on the
> Symbolics <http://en.wikipedia.org/wiki/Lisp_machine>).
> Those machines had a fundamentally different architecture
> at the processor level.

Even with Ada (my favorite) it is _possible_ to violate type safety. But it requires using a construct for which managers can trivially scan the source code. And there are few cases where it is _impossible_ to program in a type-safe manner.

C++ has an escape from type safety a bit harder to scan for - dropping into C.

To determine the difference in the effective type safety of two languages, consider the likelihood that the _average_ programmer is going to violate type safety. You cannot manage to hire programmers exclusively from Lake Wobegon*.

Worry about enforcement by the hardware architecture after you have squeezed out all errors that can be addressed by software techniques.

--
Larry Kilgallen

* For non-US readers, Lake Wobegon is an imaginary community where all the school children are above average.

_______________________________________________
Secure Coding mailing list (SC-L) SC-L@securecoding.org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
_______________________________________________