[M3devel] Heartbleed, initialization, and Modula-3

Henning Thielemann schlepptop at henning-thielemann.de
Thu Jun 5 10:51:01 CEST 2014


Am 05.06.2014 00:39, schrieb Rodney M. Bates:

> Olaf's recent mention of safe languages and Heartbleed prompted me to
> look into the specifics of the bug, particularly to see what Modula-3
> might have done to prevent it.

My general experience is that a language is only as safe as the 
programmer wants to. You can add as many safety belts as you like, a 
careless programmer will always find a way to remove them. I consider 
the value of safe languages the other way round: A careful programmer 
can get a lot of security support from a safe language.

The programmer of the heartbleed bug was criticized for rating 
performance higher than security and other things. There would have been 
ways to prevent that bug even in C.




More information about the M3devel mailing list