« A Better Chance of Survival | Main | Physical Disaster Without Data Disaster? »

September 13, 2005

Safer Programming; Safer Programs

Many programmers today still code primarily in C/C++ when writing applications from the ground up. The problem is, many developers think of security as an after thought. The last thing a company wants to do is to hire a PR firm to handle their data theft fiasco or worry about lawyer fees because a 'script kiddie' got his kicks on your servers. One way to greatly lessen the probability of having such an event occur is to have your developers write their applications in a 'safe' language such as Java.

Java implements many safety features allowing the programmer and the client/end user to relax. For instance, Java has buffer bounds checking which makes buffer overflows nearly impossible to accomplish. When programming in C/C++ you are expected to write your own code to check bounds. Not only can this add development time, but it is a step which many younger programmers generally skip so they can move on to the areas that interest them more. With Java's type of low level protection occurring for the programmer, it is easier to work on higher level problems which are generally more apparent from the developer's perspective. It also allows the programmer to move to the areas that they find more interesting without compromising model security.

What language(s) are running your infrastructure?

Posted by on September 13, 2005 03:01 PM

Comments

Post a comment