| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 30 Mar 2011 23:28:05 -0400 From: "Randal T. Rioux" <randy@...cyonlabs.com> To: full-disclosure@...ts.grok.org.uk Subject: Re: SSL Capable NetCat and more On 3/27/2011 4:29 PM, Dan Tulovsky wrote: >> Beside that, scnc is written in pure-Perl, and is easily modifiable >> by anyone. Such really simple (dumb?) stuff should not be written in >> low-level languages such as C. > > You can't be serious... Shirley, he is. Perl is shite. It's a dependency hell, it lacks the "logic" of C/C++ and is interpreted (as pointed out by others). Any code base can be modifiable by anyone - as long as it is open sourced. Don't get me wrong, I'm not criticizing the product. I think reinventing the wheel in lesser performing methods is great. Just don't disregard C. To be honest, in my code auditing days, it was SO much easier to find flaws in C/C++ than Perl, because Perl is just messy and ugly. Something looks wrong, but it's right. Uggh! But if you need to write something quick for an easy task, by all means, hit the Perl. It's like using Java to write large scale enterprise products. Who the hell? Why? Portability is nice, but performance is better. Java belongs in the small-scale realm of applications. Grumble grumble. Get off my lawn. Back to the lair :-) Randy _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists