Using an unsafe language is a design flaw

submitted by
Style Pass
2024-06-10 11:00:01

As part of my dumb life, I recently got into an argument about whether using an unsafe programming language like C or C++ in a project is a software security design flaw. Of course, the answer is “hell yes.” In fact, it belongs at the very top of lists such as this one from the IEEE: Avoiding the Top 10 Software Security Design Flaws. Tragically, the IEEE does not get this, resulting in this blog post right here.

As a service to my readers with a short attention span, the TLDR is that choosing an unsafe language is a big dumb mistake, and it occurs before writing actual code, that is to say, in the design phase.

Why do doors look like this, with large panels set into thinner vertical and horizontal framing elements? It seems complicated. Why not just get a bunch of tall, flat planks and glue them edge-to-edge into a rectangle?

The reason is that the door is made out of wood, and wood expands and contracts according to the moisture in the air. If you look closely at wood you’ll see it has a grain structure. Think of it as made out of little straws, all lined up in the same direction. When the air is moist, water can enter the straws from their ends, and they get fatter: the wood expands across the grain.
