Competent; 2: having requisite or adequate ability or qualities
Anyone who cannot copy memory precisely, using whatever language or library, should not be programming a computer. Moving data around IS programming. If you can't count you can't program.
If you can program, you can program in any language. If you can't, giving you Java or Lava or Shmava to hack ain't gonna help. If the compiler and runtime have to babysit you because you can't be trusted to count to 255 (or was that 256?) what the hell are you doing there anyway.
Overall I am sick and tired of people blaming languages for all the problems of the world. The problem is people, people.
You can either program or you cannot. My reading of the industry is that less than 10% of professional programmers are properly trained and understand exactly what they are doing, and about half should look for other avenues of employment. (I know this because along the way I employed a few of those by mistake.) Not a pretty picture.
That's the real reason why we have things like “buffer overflow” exploits, a problem which should have disappeared about a month after it was raised as a security issue, and did so for competent programmers. But the code jockeys still don't get it! (Hint: It is 256 after all! And add one for good luck.)
Microsoft adding one more idiotic restriction to try to reign in the cowboys is about as useful as trying to market edible condoms. ( It's late, I'm tired, I couldn't think of anything else and condoms are in the news here in .au.)
@Jake 05:26 GMT
You are not quite correct. I dealt with some MS programmers a while back in Redmond and they were not kids. They were exceptional software professionals who knew exactly what they were doing. Microsoft doesn't get it wrong because of the technical people it employs. Try taking pot shots at the marketers, hype merchants, slimy strategists who want to control the world and the other cheating, lying swine up there.
@Torben Mogensen 07:14 GMT
“But I have to agree with Kevin that the core of the problem is using C, which checks nothing at runtime at not enough at compile time.”
It's not a C problem Torben. One uses a language as given. A good programmer understands the strengths and limitations of the chosen language and gets on with producing a safe, functional, tested product.
@James 20:43 GMT
“The only real solution to real code stability and security is to stop using insecure languages and ensure people you employ are competent enough to fully understand the implications of *every* line of code they write.”
James, there is no such thing as an “insecure language”. There are however “insecure programmers” who do not understand the implications of what they are doing.