Microsoft: Take a week off--unpaid | TalkBack on ZDNet

On MovieTome: The 10 worst movies of 2009 so far!

BNET Business Network:: BNET; TechRepublic; ZDNet

TalkBack 5 of 25:: Next »; « Previous

Thread View
Flat View

Yep. C/C++ is a big part of the problem.

You are correct. Windows (and Linux) are written in C/C++. That's a big part of the problem.

Those buffer overruns you keep reading about, that let malware in? The problem is that the C language isn't strongly typed.

Did you mistakenly define a length variable as int instead of uint, and then pass it to the standard library? C will compile it without complaint. BZZZT! A hacker can insert a negative number into the int, which looks like a huge number to the uint, allowing a buffer overflow. Did you forget an @-sign? Too bad. C will let you shove the address of a variable where you wanted the value. These are real examples of security flaws found every day in production code.

And don't get me started on the stupidity of null terminated strings. Sheesh!

A recent study showed that professional programmers, and automated code generators both make far more mistakes in C than in better designed languages. As much as 50x more bugs/1k lines of code.

What better languages? Actually, just about anything newer. Delphi (an object oriented form of Pascal) is good. Ada and Java are others. But I prefer compiled code.

Microsoft is addressing these issues with their C# language. It remains to be seen if it will succeed.

Posted by: gordon@... Posted on: 05/23/06 You are currently: a Guest | Members login | Terms of Use

Reply to Story Reply to Message

Alert moderator to an offensive message

Subscribe to this discussion via Email or RSS

Bill doesn't have enough Billions gordon@... | 05/23/06

Oh there's a way out... ObiWayneKenobi | 05/23/06

There's another way ... Henaway | 05/23/06

Tell It Like It Is Travasaurus | 05/23/06

Yep. C/C++ is a big part of the problem. gordon@... | 05/23/06

Why cover for people's dumb mistakes? LateBlt | 05/24/06

RE: Why cover for people's dumb mistakes? bmonster | 05/24/06

I respect real programmers LateBlt | 05/26/06

You're dead wrong. gordon@... | 05/25/06

Thanks for that, but... LateBlt | 05/26/06

Meanwhile M$ begging for more H1-B's !! thetruth_z | 05/23/06

Microsoft: Take a week off--unpaid Loverock Davidson | 05/23/06

But wait, many projects already very late, and a few million here is just DonnieBoy | 05/23/06

Many projects? Loverock Davidson | 05/23/06

Vista (Longhorn) is years late. XP came our how many years ago??? DonnieBoy | 05/23/06

Scheduled for release in Jan. (NT) Loverock Davidson | 05/23/06

Cash On Hand!!! nucrash | 05/23/06

And? Loverock Davidson | 05/23/06

Like getting a product out the door? techboy_z | 05/24/06

Are contractors not people? Zeppo9191 | 05/23/06

Oh, stop it. Wizard Prang | 05/24/06

Well said. Wizard Prang | 05/24/06

Man, billions in the bank, and they are worried about a few million here??? DonnieBoy | 05/23/06

Probably has more to do with employment law mighetto | 05/23/06

week off - contractors/employees? simet | 05/24/06

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

Five Steps to Determine When to Virtualize YourServers VMware Server virtualization isn't just for big companies. Entry-level ... Download Now
Three Steps You Need to Know to Stop Data Loss Varonis Sensitive data exposed to misuse or loss... it is the stuff of nightmares ... Download Now
Why Isn't Server Virtualization Saving Us More? A Few Small Changes May Dramatically Increase Your Efficiency VMware Companies have rapidly adopted server virtualization over the past few ... Download Now

Click Here

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors

Popular Sanity Saver Videos

Blogs

Product Reviews

Videos

White Papers and Webcasts

Downloads

More