Hacker News new | past | comments | ask | show | jobs | submit login

Security is a systems property, not a property of a language.



A system's security comes from the security of its components and their interactions. The functionality of each will be expressed in a language. That language will have features that affect the security of that component. Therefore, security is a component of languages and systems.

I'll go further to say language security is a subset or component of securing a system wherever it could be applied. This has been known since at least MULTIC's where the choice of PL/0 dodged some security vulnerabilities due to language's attributes. It's been known for reliability at least since Burroughs used ALGOL variant for their OS.


It's incredibly easy to write buffer overruns in C that open up security holes.

Not that JVMs are immune, it's just harder.

That said, I far prefer writing in C/C++ to doing anything in Java.


>That said, I far prefer writing in C/C++ to doing anything in Java.

Why's that? Enjoy pointer arithmetic that much?


Never found pointer arithmetic hard. I honestly don't know what the big deal is.

Template metaprogramming can go straight to hell, though . . . :0


Well not exactly See the modula 3 based research operating systems that solve some of the modularity / performance / security trade off triangle issues of a micro kernel




Consider applying for YC's W25 batch! Applications are open till Nov 12.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: