<div dir="ltr">@John,<br><br>I have to wonder what the rational debate would be about.<br><br>There are two ways to interpret a concern about "age" and "years in existence" is I think too literal an interpretation.<br><br>Measured from it's birth Delphi is perhaps about the same age as Java, yes. Although that is only the case if you ignore the previous existence of Turbo Pascal, from which Delphi directly evolved.<br><br>But in addition, Java was (one of) the first in the new generation of managed runtimes. A new(er) technology and a new (to many) approach. .net and Java are cut from the same cloth. Or at least more significantly similar cloth than Delphi and .net or Delphi and Java. For example.<br><br>As a secure language, Delphi has no more problems (and in many ways fewer) than, say, C or C++. But as the runtime works more directly with memory than the managed runtimes with no sandbox of its own and no gatekeeper other than as may be provided in the (similarly aging) OS API's, yes as a language it is less secure than a managed runtime. Of course it's possible to write secure code, but it is also significantly easier to inadvertently write non-secure code than in a managed environment (the distinction of those others being 'managed' somewhat being the point) where the compilers will these days often specifically reject such code unless you go out of your way to re-assure the compiler that you know what you are doing (or at least think you do).<br><br><br>There is also the use of proprietary technologies that the tool vendor has a habit of changing from time to time. Did you replace the BDE yet ? Did you replace it with DBExpress ? Using 3rd party drivers ? Are they still supported ? When might you be planning to replace DBExpress with FireDAC ? What comes after FireDAC ? Did you ever migrate to CLX ? (and then what?) Have you migrated from VCL to FMX yet ?<br><br>It is hard to avoid the fact that Borland/CodeGear/Embarcadero have "form" in this area.<br><br>(Which isn't to say that .net is itself entirely immune from such issues)<div><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On 29 January 2015 at 18:32, John Bird <span dir="ltr"><<a href="mailto:johnkbird@paradise.net.nz" target="_blank">johnkbird@paradise.net.nz</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Old yes, well C is older, C++ is about as old, Java is about as old (1996<br>
for V1). So there is a rational debate to be had about age.<br>
<br>
Security risk ?<br>
<br>
I would have thought off the top of my head that Delphi does not carry too<br>
many obvious security risks:<br>
- Relatively few DLL problems as it generally packages everything in the EXE<br>
- Relatively immune to buffer overflows if not allocating memory manually or<br>
using C-type strings (PChar).<br>
- Can one really make a case that Delphi is less secure than Java?<br>
<br>
There are occasional bugs to watch out for eg<br>
<br>
<a href="http://www.coresecurity.com/advisories/delphi-and-c-builder-vcl-library-buffer-overflow" target="_blank">http://www.coresecurity.com/advisories/delphi-and-c-builder-vcl-library-buffer-overflow</a><br>
<br>
Maybe the corporates mean security risk of an ageing programmer suddenly<br>
feeling the need to retire from whatever cause.<br>
<br>
<br>
-----Original Message-----<br>
From: Paul Hectors<br>
Sent: Thursday, January 29, 2015 4:38 PM<br>
To: NZ Borland Developers Group - Delphi List<br>
Subject: Re: [DUG] iOS 64bit<br>
<br>
+1<br>
<br>
My recent experience is that corporates do not like it when you inform them<br>
that your application is written in Delphi, it is perceived as old and a<br>
security risk. It would be nice if there was a white paper or some material<br>
to reassure them.<br>
<br>
<br>
_______________________________________________<br>
NZ Borland Developers Group - Delphi mailing list<br>
Post: <a href="mailto:delphi@listserver.123.net.nz">delphi@listserver.123.net.nz</a><br>
Admin: <a href="http://delphi.org.nz/mailman/listinfo/delphi" target="_blank">http://delphi.org.nz/mailman/listinfo/delphi</a><br>
Unsubscribe: send an email to <a href="mailto:delphi-request@listserver.123.net.nz">delphi-request@listserver.123.net.nz</a> with Subject: unsubscribe<br>
</blockquote></div><br></div>