RE: [SC-L] Programming languages -- the third rail of secure coding

2004-07-21 Thread Nick Lothian

 I'd also point out that if it's languages you're trying to list,
 JavaScript arguably should not have a separate entry from Java 

Yes it should - they are substantially different languages, even if we look
at them only syntactically. You could argue that Javascript should be listed
as ECMAScript, though. There are a bigger problems with that list than this,
though.

Nick




Re: [SC-L] Programming languages -- the third rail of secure coding

2004-07-21 Thread Mark Rockman
JOVIAL goes back to the 1960s as Jules' Own Version of the International
Algebraic Language.
ALGOL and IAL are the same thing.  JOVIAL was used almost exclusively by the
United States Air Force.

- Original Message - 
From: Dave Aronson [EMAIL PROTECTED]
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Tuesday, July 20, 2004 11:05
Subject: Re: [SC-L] Programming languages -- the third rail of secure
coding


 Michael S Hines [EMAIL PROTECTED] wrote:

   I've been compiling a list of programming languages..

 You missed FORTRAN, ICON, REXX, SNOBOL, and the assorted OS-based shell
 scripting languages (bash/csh/ksh/etc., VMS DCL, DOS .bat, etc.).  I've
 heard of JOVIAL, which I *think* is a programming language used almost
 exclusively in the US military.  Since a few companies make things that
 translate it into code, you might consider UML as well.  Then there are
 a gazillion languages for particular commercial packages -- you got
 Oracle's PL/SQL, but there are also dBase/Clipper, FrEd (Framework
 Editor, from an old integrated office suite), Lotus 1-2-3 macros, and
 many more.

 Also, depending on your definition of programming language (versus
 markup language and a few other types), you might have a few extras as
 well.

 -- 
 David J. Aronson, Contract Software Engineer in Washington DC area
 Resume and other information online at: http://destined.to/program






Re: [SC-L] Programming languages -- the third rail of secure coding

2004-07-21 Thread Erik van Konijnenburg
 At 8:17 AM -0500 7/20/04, Michael S Hines wrote:
 I've been compiling a list of programming languages..   Some of which were
 developed to 'solve' the insecure programming problem.  I don't think we've
 made it yet.

 My list -- (feel free to add to it).

And then there are languages such as Java2K that were never intended to *solve* any
problems at all ...

http://p-nand-q.com/humor/programming_languages/java2k/manual.html

--erik




Re: [SC-L] Programming languages -- the third rail of secure coding

2004-07-21 Thread Crispin Cowan
I don't understand the purpose of this list. If it is to list all 
programming languages, that is hopeless, as there are thousands of 
programming languages. If it is to list all programming languages with 
security ambitions, then I'm confused, as clearly not all of the 
languages listed were intended to enhance security, and some of them 
(glaringly PHP) substantially *degrade* security vs. many languages that 
came before them.

Crispin
Michael S Hines wrote:
I've been compiling a list of programming languages..   Some of which were
developed to 'solve' the insecure programming problem.  I don't think we've
made it yet.
Perhaps it's a personnel problem, not a technology problem?
My list -- (feel free to add to it).
1.  Assembler
2.  C/C++
3.  Pascal
4.  Basic or Visual Basic
5.  Java / J#
6.  Perl
7.  Ruby
8.  PHP
9.  C#
10. COBOL
11. Perl
12. XSLT
13. Python
14. Forth
15. APL
16. Smalltalk
17. Eiffel
18. PL/1 
19. ADA
20. Hermes
21. Scheme
22. ML
23. Haskell
24. Simula 67
25. Prolog
26. OCCAM
27. Modula 2
28. PL/M or PL/X
29. PL/SQL
30. SQL
31. Jabber
32. Expect
33. Perl/Tk
34. Tcl/Tk
35. XML
36. HTML
37. AppleScript
38. JavaScript
39. VBScript
40. D
41. Algol

---
Michael S Hines
[EMAIL PROTECTED] 

 

--
Crispin Cowan, Ph.D.  http://immunix.com/~crispin/
CTO, Immunix  http://immunix.com