On Mon, Apr 28, 2014 at 09:23:03PM -0500, William Lederer wrote: > Regarding why programmers don't write libraries in common lisp (ignoring > what seems to be a screaming terror of the parenthetical, functional world) > is that cryptography must be fast, and it must not leak timing information. > > A final word here--I spend my days auditing and pen testing programs > written in managed languages: C# and Java. None of the errors that bring > down systems and lead to breaches in these languages result from bounds > checking or buffer overflow issues. None of them are subject to the same > kinds of flaws C exposes as evidenced by heartbleed. Nonetheless, there are > vulnerabilities. > > And I am sure that all remember the vulnerability exposed in Ycombinator > which is written in Lisp. Simply writing your stuff in Lisp is not enough.
And that is a point that bears repeating: Whatever programming language you end up using, it will not magically protect you from all errors or mistakes. Depending on its design and other details, it might protect you from _some_ classes of errors (such as shooting yourself in the foot with pointers), but no matter what language, there _will_ still be plenty of beartraps patiently waiting for the unwary. Heck, even something as heavily discipline-and-bondage as SPARK ADA leaves opportunities to screw up big time - just get your design assumptions wrong and you can be toast. Kind regard, Alex. -- "Opportunity is missed by most people because it is dressed in overalls and looks like work." -- Thomas A. Edison _______________________________________________ pro mailing list pro@common-lisp.net http://common-lisp.net/cgi-bin/mailman/listinfo/pro