On Tue, May 8, 2018 at 4:33 PM <mad.scientist.at.la...@tutanota.com> wrote: > > So are there currently any languages (currently in use/supported) designed to avoid the problems with C and other languages? > > Something with strong types and provisions for automatic input validation beyond typing, i.e. range limitation? > > Something that compiles, something that doesn't self optimize (math may be good, but just like encryption the implementation can be flawed/exploitable due to various errors). Because you can't validate a moving target. > > something that strongly isolates data from code, something that protects the heap and stack aggressively (other than just os implemented mechanisms like stack canaries). > > Any suggestions? I'm going to be picking up programming again and I'd greatly prefer spending my time using a language that has security built in rather than depend on the application programmer adding protections after the fact. > > I'll still have to learn C as well, so I can understand/modify existing code but I'd like to be as proactive as possible about security and reliability in what I write. And again, something that compiles. Not specificly looking at writing web apps per say, though i'd also be interested in any well secured/proactive languages for some internet/LAN usage.
I think Go and Rust would fit the bill. Regards. -- Dr. Canek Peláez Valdés Profesor de Carrera Asociado C Departamento de Matemáticas Facultad de Ciencias Universidad Nacional Autónoma de México
