RE: [SC-L] Programming languages -- the third rail of secure

2004-08-01 Thread Nick Lothian
IMHO, though, any such effort is pointless. The reality is that we're going to be stuck with C/C++, Java, C#, FORTRAN, COBOL, and various interpreted/scripting languages for a very long time. Rather than argue about what makes something good/better, we'd be better off figuring out how

RE: [SC-L] Programming languages -- the third rail of secure coding

2004-07-21 Thread Nick Lothian
I'd also point out that if it's languages you're trying to list, JavaScript arguably should not have a separate entry from Java Yes it should - they are substantially different languages, even if we look at them only syntactically. You could argue that Javascript should be listed as

RE: [SC-L] Programming languages used for security

2004-07-13 Thread Nick Lothian
Does anyone have pointers to articles on designing API's so that they are easy to use securely? Not specifically related to security, but is one of the better things I've seen about designing APIs. Nick