RE: ACM Queue article and security education

["Michael S Hines" <mshines () purdue edu>]

I can just see an OS go into a wait state now while the VM/.NET or whatever
does garbage collection; and the delays while the intermediate code is
turned into executable code by the loaders.   

Not!  

HLL have given us portability (witness - *nix) but at some price of
performance.  The HW development has outpaced SW development - to the tune
where we hardly notice the performance hit at all.  After all, now fast can
one person type (grin)?

It's always a trade off...   HW/SW.  

Mike Hines 
-----------------------------------
Michael S Hines
[EMAIL PROTECTED] 
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Blue Boar
Sent: Thursday, July 01, 2004 11:11 AM
To: Peter Amey
Cc: [EMAIL PROTECTED]
Subject: Re: [SC-L] ACM Queue article and security education

Peter Amey wrote:
> There are languages which are more suitable for the construction of
> high-integrity systems and have been for years.  We could have
> adopted Modula-2 back in the 1980s, people could take the blinkers of
> prejudice off and look properly at Ada.  Yet we continue to use
> C-derived languages with known weaknesses.

So we trade the known problems for a set of unknown ones?  It might be 
appropriate to do so; C may be "broken" enough that it's better to go 
for an unknown with a design that allows for a possible correct 
implementation.  I keep thinking of Java, for example.  It's a good 
paper design for security purposes (I'll leave functionality alone for 
now.)  But there are still all the issues with the VM implementation and 
libraries to deal with.

Language X may very well be a much better starting point, I don't know. 
  I do believe that it will never be properly looked at until the whole 
world starts using it for everything, though.

                                                BB