The Ada language was written from the ground up to enable verifiable=20 code to be written. C was designed to write operating systems. Using your analogy, C provides the architect the ability to choose the=20 building material with the appropriate "bombproof-ness" they desire.=20 Hopefully they choose the right level. Ada on the other hand, tries to=20 determine the appropriate level or at least let you know that the level=20 you chose was not right. As an old mentor once told me, with C you have a gun, you have a live=20 round, and you have feet, if you would like to aim at your feet and pull=20 the trigger, go for it. Most other languages will at least warn you=20 about what you are about to do (in corollary, kernel programming lines=20 up everyone elses feet, just in case you miss your own :)) C# and Java make it _much_ easier to write less exploitable code (no=20 pointers to get wrong) C++ can be better than C, or it can be the same,=20 depending on what language constructs you choose to use. The bigger=20 issue is that with most languages you are looking at using multiple 3rd=20 party libraries, any of which can hide the exploit. On 2012-10-10 11:36, Tamas Rudnai wrote: > On 10 October 2012 08:06, V G wrote: > >> C is an absolutely wonderful language. I blame stupid people for the >> software vulnerabilities. >> > > You are talking about hundreds of thousands of people here... ;-)=20 > Virtually > everyone who makes program makes mistakes (bugs), no exception. We=20 > cannot > blame benign people as they are trying to build nice things while=20 > some > other are trying to take these down. Think of an architect, who build > houses, and then they would pushed to work against all possible=20 > terrorist > attacks -- to survive or avoid plane crashes, bombs all sorts, the=20 > 3rd > World War in a heavy bomb raid. You cannot build forts instead of=20 > every > single buildings... > > We need something therefore that prevents exploiting mistakes and=20 > that > helps identifying mistakes. So if a language and/or the platform (OS=20 > and > Hardware) would not help preventing to run an arbitrary code on the=20 > victims > computer, then we cannot call the system as safe. Maybe the language=20 > itself > is wonderful, but we need something that is also secure. In aviation > industry developers tend to use Ada, not C, not C++, not C#, not=20 > Objective > C, nor Java... > > Tamas > > > > > >> >> It's so good because it allows such a fine level of control and you=20 >> always >> know exactly what's going on. I like to know that the code I write=20 >> really >> represents the instructions sent to the CPU. Other languages do=20 >> funny >> things behind your back, which is fine, but in my opinion, it's not=20 >> a >> reason to blame C. >> -- >> http://www.piclist.com PIC/SX FAQ & list archive >> View/change your membership options at >> http://mailman.mit.edu/mailman/listinfo/piclist >> > > > > -- > int main() { char *a,*s,*q; printf(s=3D"int main() { char *a,*s,*q; > printf(s=3D%s%s%s, q=3D%s%s%s%s,s,q,q,a=3D%s%s%s%s,q,q,q,a,a,q); }", > q=3D"\"",s,q,q,a=3D"\\",q,q,q,a,a,q); } --=20 http://www.piclist.com PIC/SX FAQ & list archive View/change your membership options at http://mailman.mit.edu/mailman/listinfo/piclist .