Programmers can trust language security features too much…
Of course, they’re nice to have and really can make things easier to implement securely but it’s still very easy to introduce security problems or bugs into any code. This is just an unsolvable problem of writing imperative code. All imperative code will reliably have memory leaks (even in Java!) and security holes because no compiler can check to see if you thought of everything.
And large and complex compilers/interpreters with these security features can end up introducing their own security problems or bugs in the process of implementing them.
I’m just tired of people entirely dismissing languages like C because they don’t have these features. Especially when the operating systems their code runs on and their languages may even be implemented in C!
because no compiler can check to see if you thought of everything.
We can try to get closer to that with better language design. You’ll never get there but I think there are obvious benefits as to why you’d want to do that.
I write way less bugs in Rust than I have in Java or C++, and that’s mostly thanks to the language design.
I’m just tired of people entirely dismissing languages like C because they don’t have these features. Especially when the operating systems their code runs on and their languages may even be implemented in C!
Because that code has been review and re-reviewed and patched by experts in the field for years. You’re not gonna write a backend for an app with short deadlines in C because that would be absolutely fucking insane.
I think it’s definitely a dig at windows, because that used to be the primary issue with c#, you could only really target windows and you could only write it using windows. You could run .net framework applications on Linux, but it was a lot of work and it really underperformed (which would fit the timeline of 2015, when this comic was first posted). Now with .net core you can make a self contained executable that can run on anything.
The M1 Garand is known for having a problem during reloading where you have to stick your thumb in a slot that’s about to shut very hard. There are techniques to avoid getting pinched, but “Garand thumb” is a well-known phrase among vintage rifle enthusiasts.
I watched Jon Gjenset’s stream where he implemented the beginnings of a BitTorrent client in Rust and of the four hours about 25% of it was spent wrestling with quirks in serde and reqwest.
It was pretty discouraging watching a pro have to fight the ecosystem so hard.
How long ago was this? I think the ecosystem got waaay better in the last 1-2 years. 3-4 years ago it was rough but shit still worked with a bit of trouble.
Eh, that’s unfortunate. Yeah the whole ecosystem is still a bit wonky, probably more wonky than most popular languages but tbh I rarely used a stack that just worked out of the box, it almost always took some dicking around, I’d rather do the dicking around with a language that doesn’t always seem to work against me.
C++ and ruby are weird, especially since C is somehow considered a reliable rifle. Rust betrays it’s age
C is reliable in the sense that your C program reliably has memory leaks and security holes.
Unlike your Java program amirite.
The benefit of java is that you didn’t write the security holes in your software.
Programmers can trust language security features too much…
Of course, they’re nice to have and really can make things easier to implement securely but it’s still very easy to introduce security problems or bugs into any code. This is just an unsolvable problem of writing imperative code. All imperative code will reliably have memory leaks (even in Java!) and security holes because no compiler can check to see if you thought of everything.
And large and complex compilers/interpreters with these security features can end up introducing their own security problems or bugs in the process of implementing them.
I’m just tired of people entirely dismissing languages like C because they don’t have these features. Especially when the operating systems their code runs on and their languages may even be implemented in C!
We can try to get closer to that with better language design. You’ll never get there but I think there are obvious benefits as to why you’d want to do that.
I write way less bugs in Rust than I have in Java or C++, and that’s mostly thanks to the language design.
Because that code has been review and re-reviewed and patched by experts in the field for years. You’re not gonna write a backend for an app with short deadlines in C because that would be absolutely fucking insane.
Right tool for the right job. C is a stupid choice for most modern apps but it’s indispensable for embedded stuff
As does C#. The Windows-specific parts are not the parts most developers will use these days.
I took it as the donkey being .NET
C# is .Net though. It’s only syntax without it.
I think it’s definitely a dig at windows, because that used to be the primary issue with c#, you could only really target windows and you could only write it using windows. You could run .net framework applications on Linux, but it was a lot of work and it really underperformed (which would fit the timeline of 2015, when this comic was first posted). Now with .net core you can make a self contained executable that can run on anything.
You can even compile to a native executable these days I believe so you don’t have to have the .net runtime installed or bundled.
2015? I’m sure last time I saw this it was way before 2015
Agree. That one didn’t age well…
The M1 Garand is known for having a problem during reloading where you have to stick your thumb in a slot that’s about to shut very hard. There are techniques to avoid getting pinched, but “Garand thumb” is a well-known phrase among vintage rifle enthusiasts.
This fits C very well.
C is a knife. The basic thing you can build weapons (programming languages) with.
Or a screwdriver?
Yes. Knives can also be used as screwdrivers for fasteners with a “blade” or “flat” head.
It’s a screwdriver without a head because you have to build it yourself
You are confusing C with UNIX
same difference
The old joke is that C++ is an octopus made by nailing legs to a dog.
So it should probably be a rifle-chaku made by connecting two Garands with a chain.
C# vs Java is also really weird since C# started out as basically a Java clone.
I watched Jon Gjenset’s stream where he implemented the beginnings of a BitTorrent client in Rust and of the four hours about 25% of it was spent wrestling with quirks in serde and reqwest.
It was pretty discouraging watching a pro have to fight the ecosystem so hard.
How long ago was this? I think the ecosystem got waaay better in the last 1-2 years. 3-4 years ago it was rough but shit still worked with a bit of trouble.
Two days ago lol
Eh, that’s unfortunate. Yeah the whole ecosystem is still a bit wonky, probably more wonky than most popular languages but tbh I rarely used a stack that just worked out of the box, it almost always took some dicking around, I’d rather do the dicking around with a language that doesn’t always seem to work against me.