Question
I am a computer science student interested in the field of security and just had a few questions.
What are the pros and cons of using C# for security purposes? I had assumed applications programmed in C# would be more prone to hacking etc. than C++ due to it being a higher-level language and therefore being less "powerful"; however, I have read online that C++ and C are not usually recommended for security reasons, as buffer overflows cause a lot of security problems.
What are the "best" and "worst" programming languages to learn for security and why? Does it just come down to preference?
Apologies for the vague questions; I am still a beginner. Please correct me if I have made any mistakes.
Thanks in advance!
Explanation / Answer
Lower-level languages like C and C++ may be referred to as "unsafe" languages because they place a lot of responsibility on the programmer to get things right. For example, when you access an array element arr[i], the C compiler assumes that the programmer knows what he is doing and that i is a valid index for array arr.
Higher-level languages such as C# and Java treat the programmer like an idiot and do runtime checks to make sure that arr points to a valid memory location, that i is a valid index for this array, etc. These runtime checks add overhead, but in consumer applications efficiency is not as paramount as keeping development cost low.
If you are interested in security, then I would suggest that you study C and C++, since you will come face to face with issues like buffer overflows, heap corruptions, use-after-frees etc.
Higher-level languages like Java are designed for people who don't know or care about security and do all they can to hide these problems from both the user and the programmer. That will not help you learn about these problems; it will just teach you to ignore them.
Many applications are written in high-level languages, but low-level languages will always be relevant because someone needs to build the platforms that run the higher-level stuff. Nearly all Java runtime environments are written in C++ and nearly all operating systems are written in C. Scripting languages such as Python, Ruby and Perl are written in C. Ruby might be a safe language to program in, but there could always be a bug in the underlying virtual machine.
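The runtime check the answer above attributes to C# and Java, written out by hand in C as an added example (it is not part of the original question or answer). The names int_array, checked_get and checked_copy are hypothetical, and the sample data is constructed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Array that carries its own length, as a managed runtime's array object does. */
typedef struct {
    int   *data;
    size_t len;
} int_array;

/* Checked read: the test a managed runtime performs on every arr[i].
 * Returns 0 and stores the element on success, -1 if i is out of range
 * (a managed language would throw an exception at this point). */
int checked_get(const int_array *a, long i, int *out)
{
    if (a == NULL || a->data == NULL || out == NULL)
        return -1;
    if (i < 0 || (size_t)i >= a->len)   /* negative and too-large both rejected */
        return -1;
    *out = a->data[i];
    return 0;
}

/* Checked string copy: refuses instead of writing past dst, which is the
 * buffer overflow an unchecked strcpy() would cause. */
int checked_copy(char *dst, size_t dst_len, const char *src)
{
    size_t n;
    if (dst == NULL || src == NULL || dst_len == 0)
        return -1;
    n = strlen(src);
    if (n >= dst_len)                   /* no room for the bytes plus '\0' */
        return -1;
    memcpy(dst, src, n + 1);
    return 0;
}

int main(void)
{
    int storage[4] = {10, 20, 30, 40};  /* constructed sample data */
    int_array arr = { storage, 4 };
    char buf[8];
    int v = 0;
    printf("arr[2]  -> %d\n", checked_get(&arr, 2, &v));
    printf("arr[4]  -> %d\n", checked_get(&arr, 4, &v));
    printf("arr[-1] -> %d\n", checked_get(&arr, -1, &v));
    printf("copy    -> %d\n", checked_copy(buf, sizeof buf, "AAAAAAAAAAAA"));
    return 0;
}
```

Plain C performs neither check on its own: arr[4] or strcpy(buf, ...) with the same inputs compiles without complaint and reads or writes outside the object.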