Programmer Humor

32000 readers

1744 users here now

Post funny things about programming here! (Or just rant about your favourite programming language.)

Rules:

Posts must be relevant to programming, programmers, or computer science.
No NSFW content.
Jokes must be in good taste. No hate speech, bigotry, etc.

founded 5 years ago

MODERATORS

[email protected]

881

If programming languages were weapons. Old but gold. (feddit.it)

submitted 11 months ago by [email protected] to c/[email protected]

154 comments fedilink hide all child comments

Source: so old it's lost

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 77 points 11 months ago (30 children)

C++ and ruby are weird, especially since C is somehow considered a reliable rifle. Rust betrays it's age

[–] [email protected] 71 points 11 months ago (7 children)

C is reliable in the sense that your C program reliably has memory leaks and security holes.

[–] [email protected] 17 points 11 months ago* (last edited 11 months ago) (6 children)

Unlike your Java program amirite.

The benefit of java is that you didn’t write the security holes in your software.

[–] [email protected] 3 points 11 months ago* (last edited 11 months ago) (3 children)

Programmers can trust language security features too much...

Of course, they're nice to have and really can make things easier to implement securely but it's still very easy to introduce security problems or bugs into any code. This is just an unsolvable problem of writing imperative code. All imperative code will reliably have memory leaks (even in Java!) and security holes because no compiler can check to see if you thought of everything.

And large and complex compilers/interpreters with these security features can end up introducing their own security problems or bugs in the process of implementing them.

I'm just tired of people entirely dismissing languages like C because they don't have these features. Especially when the operating systems their code runs on and their languages may even be implemented in C!

[–] [email protected] 4 points 11 months ago* (last edited 11 months ago)

Buffer overflows were last seen on the OWASP top 10 list in 2004. Favoring of anything else over C for most things is a pretty obvious reason why. A language change destroyed an entire class of bugs.

[–] [email protected] 2 points 10 months ago* (last edited 10 months ago) (1 children)

because no compiler can check to see if you thought of everything.

We can try to get closer to that with better language design. You'll never get there but I think there are obvious benefits as to why you'd want to do that.

I write way less bugs in Rust than I have in Java or C++, and that's mostly thanks to the language design.

I'm just tired of people entirely dismissing languages like C because they don't have these features. Especially when the operating systems their code runs on and their languages may even be implemented in C!

Because that code has been review and re-reviewed and patched by experts in the field for years. You're not gonna write a backend for an app with short deadlines in C because that would be absolutely fucking insane.

[–] [email protected] 2 points 10 months ago

Right tool for the right job. C is a stupid choice for most modern apps but it's indispensable for embedded stuff

[–] [email protected] 1 points 11 months ago

It's a "tool for the job" game. I don't trust a junior developer to write a login system. I've found security flaws in login systems written by senior developers who "know what they're doing TM". Unless I'm the expert in a given domain, it's better to trust something written by those experts.

For the record (since it's fixed anyway), I discovered a common login timing vulnerability on one of our production systems that had been in place for nearly 15 years. Luckily we didn't have enough traffic for anyone to notice it before me.

load more comments (2 replies)

load more comments (24 replies)