Java obviously, there are no security issues with java...

No wait! Ruby, that should be perfect, can't cause buffer overflow there....

Ermm.. wait I got , well use python!

I can't speak for Ruby, but in both Java and Python I've never seen a bug this embarrassingly bad. I mean, this bug simply would not have happened in a language with a working boolean type, or with exceptions (I trust the ZeroMQ guy's judgement about as far as I can throw him).

What do you think the Java runtime is written in? The Ruby runtime? The Python runtime?

Hint: it starts with a C.

If you build a house in a swamp, you are in trouble.

Wow, you're daft. Everything is, ultimately, getting turned into machine code. Not even Lisp Machines could get away from this fundamental fact: http://funcall.blogspot.com/2009/04/some-lisp-machine-minuti...

> Bogus objects — properly tagged words with invalid addresses that pointed at uninitialized memory or into the middle of object of a different type — which would cause the GC to corrupt memory would be left in registers or on the stack. These sort of problems were everywhere in the microcode.

Go build your cabin in the woods now.

Sure one can corrupt memory on a Lisp Machine. System software like the micro code or the garbage collector can contain bugs.

Something like a buffer overflow was very very rare. This was not a systemic problem like it is in C.

> The Python runtime?

Why, Python, of course![0]

[0] - http://pypy.org/

(I jest, your point is entirely valid)

I was making a joke....

If C is the wrong choice, what is the right choice?

In a couple years or so, my bet would be on Rust.

Java has several runtimes. The most popular one is Hotspot and written in C++.

You can write the Python runtime in something other than C:

http://pypy.org/

And there are Java compilers and runtimes written in Java, and Lisp compilers written in Lisp, etc.

Actually C is an excellent choice for security relevant systems software because the issues for developing in C are well understood and can easily be mitigated by following 30 years worth of best practice patterns and using the correct development tools.

The issue is developers are not using the tools or following the best practices because they think they know better than 30 years worth of experience or get caught up in bikeshedding about ideology, licenses and which line the curly braces go on.

"Actually C is an excellent choice for security relevant systems software because the issues for developing in C are well understood and can easily be mitigated by following 30 years worth of best practice patterns and using the correct development tools."

Nevermind the copious undefined behavior, the fact that C programmers sometimes struggle to figure out what a valid C expression actually does, the fact that C programmers have to choose between code bloat and using "goto" for finalization, the fact that there are no standard error handling constructs, the fact that strings are null terminated, the lack of a standardized way to determine array lengths at runtime, etc., etc., etc. Even something as simple as this:

int f(int x, int y) { return x + y; }

Can lead to undefined behavior in C:

https://www.securecoding.cert.org/confluence/display/seccode...

Basically C should be at the bottom of the list of languages that programmers choose for cryptography or security software.

Can you link to the 30 years of best practice document, I must have missed it.

A good place to start:

http://www.amazon.com/The-CERT-Secure-Coding-Standard/dp/032...

Online:

https://www.securecoding.cert.org/confluence/display/seccode...

Others:

http://www.amazon.com/Secure-Coding-Edition-Software-Enginee...

http://www.amazon.com/Style-Guidelines-Programming-Professio...

http://www.amazon.com/C-Traps-Pitfalls-Andrew-Koenig/dp/0201...

Another good read (it probably does not reflect how you want to write C code, the rule about dynammic allocation is probably extreme if you are not writing code to fly spaceships, but I think it is good to read regardless): http://lars-lab.jpl.nasa.gov/JPL_Coding_Standard_C.pdf

C and C++ are specifically discouraged as programming languages in "Cryptography Engineering" (Niels Ferguson, Bruce Schneier, Tadayoshi Kohno, 2010).

Rust seems like it might be a good choice in the not too distant future.

A brand new language is the best choice for security software?

Preferably something generated from a formal proof tool. It wouldn't be perfect (nothing is), but the mistakes would be less stupid. Which is a big jump!

There's a bit of research in this, but I don't know of anything that's ready to use.

Well, there's Coq, which (per my understanding) may or may not make the cut depending on how you define "ready to use".

I know Coq as a tool to help generate proofs. Does it generate code? Either way, it's not a verified implementation of TLS.

For that, we'd need: (1) A set of properties to verify for an implementation (2) An implementation to verify

Looking at http://coq.inria.fr/related-tools, there may be some related tools that could do the job. Still, there's a research project there.

People absolutely use Coq to generate code. I don't know what else is involved.

A few substantiating links from my search results for "coq generating code":

http://coq.inria.fr/V8.1/refman/Reference-Manual021.html

http://research.microsoft.com/en-us/um/people/akenn/coq/LOLA...

http://research.microsoft.com/en-us/um/people/nick/coqasm.pd...

Oh great! Thanks. Upvoted.

Maybe ADA SPARK?:

http://senier.net/libsparkcrypto/

In a few years, Go. It's native crypto libraries are impressive already, though not thoroughly vetted. There's nothing wrong with C though, as long as carefully written. The biggest asset is that every popular language can link to it.