Secure Coding mailing list archives

re-writing college books [was: Re: A banner year for software bugs | Tech News on ZDNet]


From: james.walden at gmail.com (James Walden)
Date: Fri, 13 Oct 2006 12:11:43 -0400

On 10/12/06, Craig E. Ward <cew at acm.org> wrote:

> I don't think saying "use safer languages" is a good way to say it.
> It would help conditions significantly if greater care were taken to
> match the choice of programming language to the problem to be solved
> or application to be created. If a language like C is most
> appropriate, then use it, just be sure to take the extra steps needed
> to develop it securely.


I agree that the programming language should be chosen to match the problem,
though it's worth pointing out that security is typically part of the
problem to be solved.  There are safer systems programming languages than C,
such as D and Cyclone.  If you've considered the alternatives and you really
have to use C because it's the only thing that will do, then yes, use it and
be sure to use it securely and verify that fact with static analysis tools
and code reviews.

James