Security Basics mailing list archives

Re: Programming

From: David Heise <dheise () gmail com>
Date: Sat, 12 Feb 2005 07:57:01 -0700

I don't think the specific language is as important as the type of
language (imperative, functional, visual, OO, etc)  and what you want
to do with it. C is a definite if you want security (simply because so
many programs have been written in C and the buffer overflow attacks
generally come from improper use of input in C). C is an adult
language (i.e. potential to really really screw up your system)
whereas other languages put management restrictions so that you can't
mess yourself up to much (and yes there are other "adult" languages as
well).

The other big consideration (for me at least) is how the language
runs: complied, or interpreted, or a mix. Personally I consider any
language that requires the installation of extra programs (i.e.
framework, virtual machine, etc) as an interpreted language (albeit
complied to an intermediate language) because it requires some other
interpreter to actually run it on the processor in machine code. My
favorites in this area are C# and Java.

As for complied languages I tend to stick with C or C++ or Delphi, but
that's just because I develop for the Windows environment (that's also
something to think about: the environment  you want to develop on).

The other REALLY BIG factor in deciding what language to use/learn is
who you want to write code for. You're going to do things differently
if you're writing code to be used by a corp, or by devs or by your
grandma. Writing code that requires your grandma to download a
10-30Meg runtime environment/framework/virtual machine isn't very
practical.

In the end randomly picking one of the mainstream languages is
probably ok to start, but don't stop there. After you're comfortable
with one language, learn another is different from your first (i.e.
going from Java to C# or vice versa isn't a big switch). I would
suggest trying a functional language like LISP, or Scheme. Also give a
visual language (like Visual Obliq, LabView, or ProGraph) a try, it
will make you think differently.

just my $0.0137


-- 
David B Heise [dheise () gmail com]

On Wed, 09 Feb 2005 09:17:00 +0100, dayz () planet nl <dayz () planet nl> wrote:

Hi,

I want to begin with learning programming to increase my knowledge about
security, but I don't know where to begin. Can someone tell me which
programming language is good to start with, and pherhaps what book
and/or online guides I should take a look at?
It would be nice that if I learn a programming language that it
shouldn't be much work to understand another one.

I am on Linux and Windows.

Thanks for the help.

Regards,

Ben

Current thread:

Re: Programming, (continued)
- Re: Programming Glenn English (Feb 09)
- Re: Programming Kevin Conaway (Feb 09)
- RE: Programming David Gillett (Feb 10)
- Re: Programming stonersavant (Feb 10)
- Re: Programming xyberpix (Feb 10)
  - Re: Programming linux user (Feb 10)
- Re: Programming secans (Feb 10)
- Re: Programming Kevin Carlson (Feb 11)
- Re: Programming Gilles Demarty (Feb 11)
- Re: Programming Brian Knobbs (Feb 11)
- Re: Programming David Heise (Feb 14)
- RE: Programming Rocky Heckman (Feb 14)
- Re: Programming Brian Gehrke (Feb 17)
- RE: Programming Smith, Ryan (Feb 09)
- Re: Programming miguel . dilaj (Feb 10)
- RE: Programming David J ONEILL (Feb 10)
  - RE: Programming David Gillett (Feb 11)
  - RE: Programming Ernest Nelson (Feb 11)
  - Re: Programming linux user (Feb 11)
- Re: Programming zl4t3 (Feb 11)
  - Re: Programming Valentin Höbel (Feb 14)

(Thread continues...)