Secure Coding mailing list archives

Previous By Date Next
Previous By Thread Next

The Importance of Type Safety

From: jeremy.j.epstein at gmail.com (Jeremy Epstein)
Date: Mon, 23 Mar 2009 21:58:02 -0400
This is kind of a funny discussion, to those of us over a "certain
age".  When I was a young-un :-), the argument was that you couldn't
write real software in a "high level" language like C because it was
too inefficient compared to assembly language, and you lost
flexibility since you didn't have direct hardware access.  Then
someone actually measured it, and discovered that writing in a higher
level language yielded more efficient programs, because programmers
could focus on the bigger picture.  Plus, optimizing compilers helped
reduce the difference through better optimization than most
programmers could do by hand.  And the very small portion that needed
the hardware access could be handled specially.

A decade or so ago, we heard the same thing about Java - can't write
"real" code in it because it's too inefficient.  But Java compilers
have gotten better, and the high level abstractions allow programmers
to focus on the important stuff, and not on some of the details (like
bounds checking).  My bet is that if someone repeated the assembly vs.
C experiment, they'd find that writing in Java is (for most people)
more efficient than writing in C.  Yes, there are some C programmers
who can write more efficient code - but not most.  Similarly for
flexibility - yes, there are things you can't do in Java, but most of
them are things you shouldn't be doing anyway...

--Jeremy
Previous By Date Next
Previous By Thread Next

Current thread: