[cryptography] To Virtualise or Not?

ianG iang at iang.org
Thu Feb 23 17:44:04 EST 2012

Hi James,

On 23/02/12 11:16 AM, James A. Donald wrote:
> On 2012-02-23 9:07 AM, ianG wrote:
>> Um. I feel exactly the reverse. I feel uncomfortable with crypto code
>> written in languages that guarantee buffer overflows, stack busting
>> attacks, loose semantics at data and calling levels, a 5 x developer
>> penalty, and an obsession about the metal not the customer.
> Language wars are off topic, but ...

Well, yes and no.  If this is a theoretical group, then sure.

If however there is a shred of practicality here, no.  Understanding
what happens in the real world is critical to delivering useful crypto:
We can wax on about the esoterics of some new mode, but all algorithms
have to pass the coder test as well.

> They had this debate at google, wherein they discovered that good java
> developers could not reliably estimate the way in which java code
> scaled, but that good C++ programmers could reliably estimate the way in
> which C++ code scaled. Since incorrect scaling behavior can bring google
> to its knees ...

Yeah sure.  Causality and correlation.  The underlying driver here is 
that Java coders produce more because they don't need to know as much. 
C++ coders might be better at understanding what they produce, but 
that's mostly because they have to.  C++ is more clunky, it's more 
"engineering".  They have to know more about that which has been 
abstracted away elsewhere.

Is this a benefit or a cost?  It's as they say, it's a nice problem to have.

> My C++ code does not have buffer overflows, nor does it ever store
> potentially hostile data of unlimited size, nor does it ever casually
> impose types on void pointers

;-) and most companies' C++ code is written by coders that would like to 
say the same thing, but are unsure why it is important.  Java 
programmers know less and are busy elsewhere.

It's the same debate between Airbus and Boeing pilots... It may be true 
that Boeings fly more like real planes, but Airbuses are easier to train 
pilots for.  Guess which one wins out in the end?

