Comment Re:Yes, Blame the Language, not Programmers (Score 1) 269
In an ideal world programmers would not have to worry about security because the language and compilers would protect them by doing the right thing. Unfortunately we do not live in such a wonderland.
Programmers must make a choice of one of the available languages (or write a new one!). That usually means tradeoffs in functionality, performance, security, etc. I will not even try to address the restrictions imposed by company politics, coming into an already partially developed project, etc.
In the end, the language chosen will be far from perfect. A good programmer knows the strengths and weaknesses of his tools. He plays to the strengths and *compensates* for the weaknesses.
Pick one:
- wait for truly perfect language
- don't bother with security
- address security issues yourself
Programmers must make a choice of one of the available languages (or write a new one!). That usually means tradeoffs in functionality, performance, security, etc. I will not even try to address the restrictions imposed by company politics, coming into an already partially developed project, etc.
In the end, the language chosen will be far from perfect. A good programmer knows the strengths and weaknesses of his tools. He plays to the strengths and *compensates* for the weaknesses.
Pick one:
- wait for truly perfect language
- don't bother with security
- address security issues yourself
