|lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC
Open Source and information security mailing list archives
Date: Mon, 1 Jan 2007 18:03:38 -0500 From: Chad Maron <chad@...ianworks.net> To: bugtraq@...urityfocus.com Subject: Re: PHP as a secure language? PHP worms? [was: Re: new linux malware] Hrm, this is a topic that always angers me. I agree that PHP has some glaring imperfections (what's the order of operations for explode? implode? join? split? Which one uses regex? Or what about a laughable excuse for objects until version 5), but I think it's the programmer that should be held accountable for *most* of the bad code and buggy software out there. I think the big problem is people going into programming that have no business being there. They do it for the money and could care less if their code is well written, elegant, robust, secure, or working. Some of the worst code I've ever seen (both in person and on sites like thedailywtf.com) are from people who obviously read that Java and VB .Net are the new 'it' languages and take a few courses or get a certification. As far as I'm concerned, PHP is one of the better languages out there it's just that lazy and incompetent pseudo-developers get their hands on tutorial code and copy-paste it into oblivion. BUT... that's just my two cents.
Powered by blists - more mailing lists