Re: [SystemSafety] OpenSSL Bug

From: Derek M Jones < >
Date: Thu, 10 Apr 2014 20:06:02 +0100


Peter,

> There are people here who have defended the use of the programming language C. Shame on you. Yes,

Why pick on C? All language have their problems.

Facebook have been doing good stuff to improve the reliability of PHP: http://shape-of-code.coding-guidelines.com/2014/03/24/hack-a-template-for-improving-code-reliability/

> there are tools; there are reliable tools to check whether C programs adhere to strong-typing

There is no discontinuity that distinguishes weak/strong typing, it is a continuum. Good luck reaching general agreement on where to draw the line.

I have worked in languages that have stronger typing than C and seen plenty of code in those languages where developers have failed to use the strong typing facilities available to them. Giving developers the tools does not mean they will use them (I am a fan of stronger typing than is available in C).

Incidentally there is almost no empirical evidence for the benefits of using a language having stronger typing. There are a few studies using students on really small problems. Pointers to good studies welcome.

> principles. Etc. AND THEY WERE NOT USED BY PEOPLE WHOM I HAVE UP TO NOW TRUSTED. In other words, you
> were lying to us about "good practice" amongst "SW developers" using C.

and you are surprised by this (again why pick on just C)?

-- 
Derek M. Jones                  tel: +44 (0) 1252 520 667
Knowledge Software Ltd          blog:shape-of-code.coding-guidelines.com
Software analysis               http://www.knosof.co.uk
_______________________________________________
The System Safety Mailing List
systemsafety_at_xxxxxx
Received on Thu Apr 10 2014 - 21:06:24 CEST

This archive was generated by hypermail 2.3.0 : Tue Jun 04 2019 - 21:17:06 CEST