[DUG] iOS 64bit - Delphi vs Java
Jolyon Smith
jsmith at deltics.co.nz
Fri Jan 30 08:46:16 NZDT 2015
@John,
I have to wonder what the rational debate would be about.
There are two ways to interpret a concern about "age" and "years in
existence" is I think too literal an interpretation.
Measured from it's birth Delphi is perhaps about the same age as Java,
yes. Although that is only the case if you ignore the previous existence
of Turbo Pascal, from which Delphi directly evolved.
But in addition, Java was (one of) the first in the new generation of
managed runtimes. A new(er) technology and a new (to many) approach. .net
and Java are cut from the same cloth. Or at least more significantly
similar cloth than Delphi and .net or Delphi and Java. For example.
As a secure language, Delphi has no more problems (and in many ways fewer)
than, say, C or C++. But as the runtime works more directly with memory
than the managed runtimes with no sandbox of its own and no gatekeeper
other than as may be provided in the (similarly aging) OS API's, yes as a
language it is less secure than a managed runtime. Of course it's possible
to write secure code, but it is also significantly easier to inadvertently
write non-secure code than in a managed environment (the distinction of
those others being 'managed' somewhat being the point) where the compilers
will these days often specifically reject such code unless you go out of
your way to re-assure the compiler that you know what you are doing (or at
least think you do).
There is also the use of proprietary technologies that the tool vendor has
a habit of changing from time to time. Did you replace the BDE yet ? Did
you replace it with DBExpress ? Using 3rd party drivers ? Are they still
supported ? When might you be planning to replace DBExpress with FireDAC
? What comes after FireDAC ? Did you ever migrate to CLX ? (and then
what?) Have you migrated from VCL to FMX yet ?
It is hard to avoid the fact that Borland/CodeGear/Embarcadero have "form"
in this area.
(Which isn't to say that .net is itself entirely immune from such issues)
On 29 January 2015 at 18:32, John Bird <johnkbird at paradise.net.nz> wrote:
> Old yes, well C is older, C++ is about as old, Java is about as old (1996
> for V1). So there is a rational debate to be had about age.
>
> Security risk ?
>
> I would have thought off the top of my head that Delphi does not carry too
> many obvious security risks:
> - Relatively few DLL problems as it generally packages everything in the
> EXE
> - Relatively immune to buffer overflows if not allocating memory manually
> or
> using C-type strings (PChar).
> - Can one really make a case that Delphi is less secure than Java?
>
> There are occasional bugs to watch out for eg
>
>
> http://www.coresecurity.com/advisories/delphi-and-c-builder-vcl-library-buffer-overflow
>
> Maybe the corporates mean security risk of an ageing programmer suddenly
> feeling the need to retire from whatever cause.
>
>
> -----Original Message-----
> From: Paul Hectors
> Sent: Thursday, January 29, 2015 4:38 PM
> To: NZ Borland Developers Group - Delphi List
> Subject: Re: [DUG] iOS 64bit
>
> +1
>
> My recent experience is that corporates do not like it when you inform them
> that your application is written in Delphi, it is perceived as old and a
> security risk. It would be nice if there was a white paper or some material
> to reassure them.
>
>
> _______________________________________________
> NZ Borland Developers Group - Delphi mailing list
> Post: delphi at listserver.123.net.nz
> Admin: http://delphi.org.nz/mailman/listinfo/delphi
> Unsubscribe: send an email to delphi-request at listserver.123.net.nz with
> Subject: unsubscribe
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://listserver.123.net.nz/pipermail/delphi/attachments/20150130/3de86e56/attachment-0001.html
More information about the Delphi
mailing list