Hacker News new | past | comments | ask | show | jobs | submit login

Realistically, just about every mainstream dynamic language today has its major implementation(s) written using C or C++. Some of them have significant amounts of C code underlying their common libraries, as well. Some of the most popular third-party libraries or modules are in fact nothing more than thin wrappers over existing C or C++ code.

Don't think that you're escaping C or C++ just because you're using Ruby, or JavaScript, or Python, or Perl, or Tcl, or even Java. Don't think that you aren't as vulnerable using a dynamic language as you are using C or C++ directly.

Furthermore, it is quite easy for dynamically typed languages to suffer from very serious security vulnerabilities. There was one affecting Ruby and Ruby on Rails widely publicized just a few days ago. You can read more about it at: http://news.ycombinator.com/item?id=5002006




But the beauty of modern programming languages is that the responsibility has gone from sole programmers to actual implementation developers. You would expect that people who implement the runtmies and libraries are far, far more knowledgeable, experienced and trustworthy. And it often is so -- the end user(programmer) can't be trusted to know all about security implications, possible vulberabilities let alone how to exploit them!

The whole idea that "Well it's insecure because you program in insecure way!" is outright idiotic, and should be killed. If that means getting rid of C and C++ and people who write in these languages(Hey, myself included!) then so be it. The faster the better. Sure, there are cases in which it's hardly possible, but I'd take 10 times slower computer for 1) fewer bugs 2) more advanced software 3) cheaper software 4) far less security concerns any day.

Now, I'm going to close the C++ project and go write some Python. Makes me feel happy and far less stressed, although C++ does damn well in comparison to C.


But using a language like Ruby or PHP, for instance, doesn't really lead to fewer bugs, or more advanced software, or cheaper software, or fewer security concerns in practice.

What it often actually leads to is untalented developers creating a lot of bug-ridden and vulnerable code extremely quickly. It's efficiency in all the wrong ways.

Do you remember that Diaspora social networking project that received a lot of hype a couple of years ago? It was a Ruby on Rails app, and the early releases were absolutely filled with some particularly nasty bugs and security flaws. The only reason they were eventually fixed is because the code was made public, and people pointed out these flaws. There is a lot of Ruby code out there, for instance, that isn't public, yet is still riddled with the same types of problems.

That's not to say that the same isn't true for Python, or Java, or C#, or C++, or any other language. But we shouldn't be claiming that using a language like Ruby or Python somehow leads to more secure code. It doesn't, and it's dangerous to think that it does.


> But using a language like Ruby or PHP, for instance, doesn't really lead to fewer bugs, or more advanced software, or cheaper software, or fewer security concerns in practice.

Which domain are we talking about? Of course web-based applications have their own problems, but imagine if idiomatic Ruby or PHP code was vulberable to buffer overflows, double-free/use-after-free or format string vulnerabilities on top of the current problems, would you still say that languages don't matter when it comes to software development problems and issues? Essentially, what you're saying is that modern programming languages aren't any more better in practice in said regards than C. Honestly?

Of course no language can prevent outright bad code, but a language, by it's design, can eliminate issues related to for example type safety and memory safety. Consider Rust as an example of this. What this means in practice is that the language by it's design manages to eliminate these issues. Code is less prone to bugs and has no security concerns related to these issues. More time for validating correct behavior and fixing misbehaving parts.

> But we shouldn't be claiming that using a language like Ruby or Python somehow leads to more secure code. It doesn't, and it's dangerous to think that it does.

What on earth am I reading? What are the equivalents to buffer overflow or format string vulnerability in Python or Ruby? How do I execute arbitrary machine code with Python or Ruby if malicious input is given to the vulnerable program?


Still, there is a whole class of memory errors / exploits that you can stop caring about once you have managed code. The tradeoff is obviously performance. Although as java/.net show us, not necessarily too much of it.


>I'd take 10 times slower computer for 1) fewer bugs 2) more advanced software 3) cheaper software 4) far less security concerns any day.

Fair enough, but as soon as you build your slow app the competitive market will want to buy the version that runs 10x faster. In some cases it won't matter, but where the software has to run in real time it very much does. There's no escaping C.


Sure, there's no escaping C, but that's mainly because of the investments we've put into it. Same goes for C++, but it's far more manageable from security point of view. Today we have modern languages which are only a tad slower than C, yet which guarantee safety and control. See Ada2012 for example. Also optional unsafe/unmanaged code blocks can really help with maintaining performance in critical parts while keeping the non-critical parts safe/managed. This goes as far as optional garbage collecting for certain objects and manual for others. Flexibility, none of which C provides and which makes C a horrible language in todays world.

If only someone would start re-writing de-facto low-level infrastructure such as kernels(say Linux) and userspace tools and programs(servers such as apache, implementations such as for Python and Ruby, libraries, ...) in something like Rust or equivalent which guarantees both type and memory safety and has strong emphasis on concurrency and encourages immutable state etc.

Maybe one day we simply don't have to care so much about what's "secure" and what's "vulnerable". Because the concept of software vulnerability is destructive. Yes, it employs people, but these people create no real value, they just fight the destructiveness of vulnerable software. They are worthless in ideal world.


There is a very important concept in software called "good enough". Sure, there are language that could be better than C/C++, but 90% of what see in a desktop is written in C or C++. For a bad language, this is good enough, I would say.

It would be different if we had a language with the same performance characteristics and dramatically better high level features, but to this point we still don't have it. That is why software developers are in no rush to move from C to another of the languages that have been discussed lately.


I would rather attribute the current pace of things and C and C++ popularity to what is invested in those languages. Tons of big projects are written in C and C++. Many of them were begun during times when performance was a major issue unlike today. Also the ability to find contributors for a C and C++ projects is going to be far easier than for projects written in say Go or Rust or any other relatively suitable language. Not to talk about libraries even.

For a typical new desktop application, C and C++ have been long dead for at least a decade now, thanks to C# and .NET. It's a tad different on Linux and Mac though.

If we were to start from a scratch, I'm sure C wouldn't have such popularity as it had 20 years ago. The language is inferior by it's design on modern standards. Yes, there are domains where it's still relevant, but consumer PC(or let alone mobile) is not one of them. If C were relevant, I'm sure we'd rather write mobile apps in C instead of say Java.


  > There was one affecting Ruby and Ruby on Rails
What has it to do with Ruby, besides the fact that RoR is written in Ruby?


Why not use a modern statically typed language instead?


>Don't think that you're escaping C or C++ just because you're using Ruby, or JavaScript, or Python, or Perl, or Tcl, or even Java. Don't think that you aren't as vulnerable using a dynamic language as you are using C or C++ directly.

Actually this is completely backwards.

Think exactly that you are NOT AS vulnerable as using C or C++ directly.

That it's C/C++ underneath has little importance.

It FAR MORE difficult and FAR LESS common to reach runtime/interpreter bugs that to produce bugs of your own in the higher level language.

>Furthermore, it is quite easy for dynamically typed languages to suffer from very serious security vulnerabilities.

Of a different kind, that doesn't pertain to the current discussion.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: