2 Sep
2016
2 Sep
'16
12:11 a.m.
Of course it's possible to write terrible programs in powerful languages!
How else could we have the wonders of the International Obfuscated C
Code Contest?
On 09/01/2016 02:47 PM, Tim Bradshaw wrote:
On 1 Sep 2016, at 10:17, Norman Wilson
<norman(a)oclsc.org> wrote:
Flon's
Axiom, for 35 years my favourite one-liner about
programming and languages:
There does not now, nor will there ever, exist a
programming language in which it is the least bit
hard to write bad programs.
I think this is almost trivially true (in the same
sense that, say, general relativity is almost trivially true once you see it): if there
are complicated problems to solve, then programming languages are either powerful enough
to represent the solution or they can't solve the problem. If they are powerful
enough then that power can be used to write horrid programs, if they're not then they
die out, at least as general-purpose languages.
To turn my earlier comment around, Lisp is a fantastic example of this: modern Lisps
(really, Scheme) mandate tail-call elimination as part of the language, which is clearly
this lovely pure thing to do which can only make programs better. Well, in a language
with tail-call elimination, some (but, of course, not all) function calls can be treated
as gotos which pass arguments, and isn't goto meant to be bad? So now add full
continuations and any half-educated person like me can write the sort of tiny opaque
horror which it would take someone really deep understanding to write in C, say.
That being said (and note I *like* C, a lot), what proportion of security problems are
undetected buffer overflows? Less than it used to be, I hope.