Microsoft at it's best...
Microsoft at it's best...
Microsoft, not happy with their illegally attained empire over IT, decide to impose their own proprietary standards onto the C++ programming language, by adding tons of perverse language extensions to please the likes of VB and C# coders and starting to call perfectly safe standard algorithms "deprecated". The day will soon come M$ patents C and C++ as their own invention.
Details in linked article: http://www.informit.com/guides/content. ... m=259&rl=1
I'm glad I haven't bought Microsoft products like the Media Center or the XBox360, and I certainly am not going to give them my money for Vista...
/ends rant and spam
Details in linked article: http://www.informit.com/guides/content. ... m=259&rl=1
I'm glad I haven't bought Microsoft products like the Media Center or the XBox360, and I certainly am not going to give them my money for Vista...
/ends rant and spam
Last edited by AkiraDev on Wed Jan 04, 2006 9:08 pm, edited 1 time in total.
Back, just not as often
Windows Vista SP1, Ubuntu 8.04
MinGW 3.4.5, GCC 4.2.1
Code::Blocks
wxWidgets 2.8.9
Windows Vista SP1, Ubuntu 8.04
MinGW 3.4.5, GCC 4.2.1
Code::Blocks
wxWidgets 2.8.9
-
- Super wx Problem Solver
- Posts: 396
- Joined: Wed Oct 05, 2005 1:19 am
NO. Why do we need another proprietary language?
If C or C++ became proprietary I would stop programming!
I seem to recall reading something on Bjarne Stroustrup's page about YAPL (Yet another proprietary language), anyways can't seem to find it....
http://public.research.att.com/~bs/
About MS compilers what do you expect? I don't like MS that much, and one way to voice the displeasure is to not buy/use their products.
If C or C++ became proprietary I would stop programming!
I seem to recall reading something on Bjarne Stroustrup's page about YAPL (Yet another proprietary language), anyways can't seem to find it....
http://public.research.att.com/~bs/
About MS compilers what do you expect? I don't like MS that much, and one way to voice the displeasure is to not buy/use their products.
-
- wxWorld Domination!
- Posts: 1339
- Joined: Wed Aug 03, 2005 8:10 am
- Location: BANGALORE, INDIA
- Contact:
Your poll and question are both different. I don't see any harm in using safe strings function instead of regular one. The latest C++ standard also talks about that, the other compiler vendors are too slow to pick. If you have knowledge of various security vunerabilty and are working on some secure software, then may be you should give thanks to MS. There are a lot more serious now-a-days about secure coding practices after the windows security push. The older string functions are highly unsafe and the stack overflow can cause any hacker to take over your computer remotely.
You're absolutely right about my poll, I should have made the question less dubious by saying "the C++ standard" instead of just "C++".priyank_bolia wrote:Your poll and question are both different. I don't see any harm in using safe strings function instead of regular one. The latest C++ standard also talks about that, the other compiler vendors are too slow to pick. If you have knowledge of various security vunerabilty and are working on some secure software, then may be you should give thanks to MS. There are a lot more serious now-a-days about secure coding practices after the windows security push. The older string functions are highly unsafe and the stack overflow can cause any hacker to take over your computer remotely.
Having explained that, the standards comitee usually sees no problem with platform-specific implementations of the standard. What MS does, however, is introduce warnings - or perhaps, heaven forbid, errors - in their compiler for perfectly correct STL code, unlike those really deprecated old function calls to char* you mention. This is the latest iteration of the STL we're talking about, it's type-safe and not easily exposed to buffer overflows.
This is like you said, a push from MS, but one that aims at creating Windows-centric habits in C++ developers. Once a programmer gets too used to code in VC++ 8, he won't try other compilers/platforms that fast. The alternatives will just sound "wrong" to him.
Your post gives the impression that you are overestimating the importance of Microsoft's "pushes". It was the Win9x generation that spawned 80% of today's security problems. Microsoft only started to push security because a good number of big enterprise clients starting flirting alternatives like Linux. Windows Vista is finally going to cut down on user priviledges, like any UNIX-based OS has always done for more than 3 decades. Some push...
Among all major commercial compilers, VC++ was the last to correctly implement templates recursion and portions of the STL. If you google for it, you can find out how to routinely crash VC++6 with legal code.
Back, just not as often
Windows Vista SP1, Ubuntu 8.04
MinGW 3.4.5, GCC 4.2.1
Code::Blocks
wxWidgets 2.8.9
Windows Vista SP1, Ubuntu 8.04
MinGW 3.4.5, GCC 4.2.1
Code::Blocks
wxWidgets 2.8.9
-
- Filthy Rich wx Solver
- Posts: 235
- Joined: Sun Oct 10, 2004 2:53 am
Your poll is completely out of line, and you are completely overreacting just as badly as the author of this article is. Firstly, just because microsoft adds new functions to C++ does not make C++ a proprietary language. GCC also has their own extensions to C and presumably C++ as well, does anybody accuse them of having a proprietary C++?
The code given in the article is actually unsafe when placed into a real working environment where it won't be properly constructed only to demonstrate its safety. Buffers won't always be 10 characters and source strings won't always be less than 10 characters. There is no gaurentee that this construct won't break. The warning that microsoft chose to give to programmers may have been a bad choice, but its intentions are correct.Having explained that, the standards comitee usually sees no problem with platform-specific implementations of the standard. What MS does, however, is introduce warnings - or perhaps, heaven forbid, errors - in their compiler for perfectly correct STL code, unlike those really deprecated old function calls to char* you mention. This is the latest iteration of the STL we're talking about, it's type-safe and not easily exposed to buffer overflows.
May I call you paranoid? What are Windows-centric coding habits anyway? To think that microsoft is trying to take over the world due to one compiler warning is completely off base. The function invocation as coded in the article for std::copy is safe, surely, but that is a very isolated piece of code. There is only the gaurentee that the dest buffer is large enough because he wrote all of it to demonstrate that fact. Real world code has no such gaurentees, and is therefore unsafe. This similar argument can be applied to his problems with microsofts new versions of strncat_s and similar functions. He constructs an example very carefully showing that undefined behavior can still occur by doing pointer arithmetic and purposfully trying to achieve undefined behavior. Congradulations! You proved that if you try hard enough you can write a broken program. Does that make the functions inherantly unsafe? No. It makes the coder who wrote that example inherantly foolish.This is like you said, a push from MS, but one that aims at creating Windows-centric habits in C++ developers. Once a programmer gets too used to code in VC++ 8, he won't try other compilers/platforms that fast. The alternatives will just sound "wrong" to him.
This has nothing to do with your accusation that MS is making C++ proprietary.Your post gives the impression that you are overestimating the importance of Microsoft's "pushes". It was the Win9x generation that spawned 80% of today's security problems. Microsoft only started to push security because a good number of big enterprise clients starting flirting alternatives like Linux. Windows Vista is finally going to cut down on user priviledges, like any UNIX-based OS has always done for more than 3 decades. Some push...
VC6 came out before the C++ standard was finalized (as in, before 98 ). Therefore, it compiles some language which is not standard C++. Realize this before making accusations that microsoft sucks at writing compilers, because VC7.1 and now VC8 are some of the best (and most compliant) C++ compilers in existance.If you google for it, you can find out how to routinely crash VC++6 with legal code.
You missed the part where I mention that standard extensions - not replacements - are OK. I couldn't correct the poll question, for some reason.SnakeChomp wrote:Firstly, just because microsoft adds new functions to C++ does not make C++ a proprietary language. GCC also has their own extensions to C and presumably C++ as well, does anybody accuse them of having a proprietary C++?
And no, because i) GCC never emits warnings that state only their own extensions to be fundamentally correct and ii) they also remove extensions that may make code break under other compilers, such as the ">?" and "< ?" operators. That was certainly a wrong call, but they retracted it in time.
A number of "small bad choices" from Microsoft can add up to a considerable influence in the field. But your next statement already replies to this one.The code given in the article is actually unsafe when placed into a real working environment where it won't be properly constructed only to demonstrate its safety. Buffers won't always be 10 characters and source strings won't always be less than 10 characters. There is no gaurentee that this construct won't break. The warning that microsoft chose to give to programmers may have been a bad choice, but its intentions are correct.
Sure, you may. How about thousands of programmers who respond to Microsoft's highly arbritated interpretation of the standard as though it were the correct one? Shouldn't MS just propose changes to the standard instead of trying to replace it?May I call you paranoid? What are Windows-centric coding habits anyway? To think that microsoft is trying to take over the world due to one compiler warning is completely off base.
Your post gives the impression that you are overestimating the importance of Microsoft's "pushes". It was the Win9x generation that spawned 80% of today's security problems. Microsoft only started to push security because...
No, but it has to do with me thinking twice before thanking Microsoft for so many wonderful things, according to the previous reply.This has nothing to do with your accusation that MS is making C++ proprietary.
I used VC6 for a long time, and had to wait some time before Microsoft decided to implement "advanced features" that their competition did as soon as the standard was ready. The point of this being, they are more of fast followers rather than leaders. I agree that VC7.1 and VC8 are probably the best running compilers on Windows, but standards should be as predictable as well as practical.VC6 came out before the C++ standard was finalized (as in, before 98 ). Therefore, it compiles some language which is not standard C++. Realize this before making accusations that microsoft sucks at writing compilers, because VC7.1 and now VC8 are some of the best (and most compliant) C++ compilers in existance.
Back, just not as often
Windows Vista SP1, Ubuntu 8.04
MinGW 3.4.5, GCC 4.2.1
Code::Blocks
wxWidgets 2.8.9
Windows Vista SP1, Ubuntu 8.04
MinGW 3.4.5, GCC 4.2.1
Code::Blocks
wxWidgets 2.8.9
- ABX
- Can't get richer than this
- Posts: 810
- Joined: Mon Sep 06, 2004 1:43 pm
- Location: Poznan, Poland
- Contact:
Since you both refer to VC as "C++ compiler" and not "IDE" I just would like to point out that as stated at http://cmeerw.org/prog/freecpp/ DigitalMars C++ is closer to C++, works fine with MS SDK, his maintainer is full time accessible, responds to bug reports and releases fixes in a few days. Really impressive work done by author of first native C++ compiler ever (a few compilers in fact, http://www.walterbright.com/ )AkiraDev wrote:(...)I agree that VC7.1 and VC8 are probably the best running compilers on WindowsSnakeChomp wrote:(...)VC7.1 and now VC8 are some of the best (and most compliant) C++ compilers in existance.
ABX
CVS Head, 2.8.X
wxMSW, wxWinCE, wxPalmOS, wxOS2, wxMGL, bakefile
gcc 3.2.3, bcc 5.51, dmc 8.48, ow 1.6, vc 7.1, evc 3/4, pods 1.2
wxMSW, wxWinCE, wxPalmOS, wxOS2, wxMGL, bakefile
gcc 3.2.3, bcc 5.51, dmc 8.48, ow 1.6, vc 7.1, evc 3/4, pods 1.2
-
- wxWorld Domination!
- Posts: 1339
- Joined: Wed Aug 03, 2005 8:10 am
- Location: BANGALORE, INDIA
- Contact:
AkiraDev, this is the real example of microsoft security push after 2000
http://www.informationweek.com/story/sh ... d_IWK_news
http://www.informationweek.com/story/sh ... d_IWK_news
Re: Microsoft at it's best...
Hi!
I don't want to contribute to the "Is MS good or bad" discussion. After all it's all about the money.
No. Never, as nobody "owns" C++. This would be like Duden patenting the german language or the Britannica patenting english.... Ok, not the best analogy, but you get the impression. (http://public.research.att.com/~bs/bs_faq.html#revenues)AkiraDev wrote:The day will soon come M$ patents C and C++ as their own invention.
I don't want to contribute to the "Is MS good or bad" discussion. After all it's all about the money.
OS: OpenSuSE, Ubuntu, Win XP Pro
wx: svn
Compiler: gcc 4.5.1, VC 2008, eVC 4
"If it was hard to write it should be hard to read..." - the unknown coder
"Try not! Do. Or do not. There is no try." - Yoda
wx: svn
Compiler: gcc 4.5.1, VC 2008, eVC 4
"If it was hard to write it should be hard to read..." - the unknown coder
"Try not! Do. Or do not. There is no try." - Yoda
Instead of actually proving your point, you choose to attack *NIX systems with vague numbers.priyank_bolia wrote:AkiraDev, this is the real example of microsoft security push after 2000
http://www.informationweek.com/story/sh ... d_IWK_news
In the same article you sent:
"The end-of-year vulnerability score should be taken with a grain of salt, however, since US-CERT doesn't filter out updates (so one actual vulnerability can be counted numerous times) nor does it break out individual vulnerabilities from warnings that cover multiple bugs (as in the many Mac OS X vulnerability listings)."
To my personal experience, patches on Linux distros regularly come out much more frequently than the "monthly patch cycle".
What's more, the vast majority of *NIX exploits are only possible locally, and often associated with the root account, in contrast to Windows exploits, which are almost always possible remotely, and in many cases with hardly any user intervention.
Here's a couple of more real examples of Microsoft security push for you: ActiveX and the WMF exploit. Despite it's high level of danger, look how long it took to a third-party technician to issue an unofficial fix, and contrast that to the average response time of Microsoft.
Back, just not as often
Windows Vista SP1, Ubuntu 8.04
MinGW 3.4.5, GCC 4.2.1
Code::Blocks
wxWidgets 2.8.9
Windows Vista SP1, Ubuntu 8.04
MinGW 3.4.5, GCC 4.2.1
Code::Blocks
wxWidgets 2.8.9
And these are some of the few "only one supported platform"-compilers.SnakeChomp wrote: Realize this before making accusations that microsoft sucks at writing compilers, because VC7.1 and now VC8 are some of the best (and most compliant) C++ compilers in existance.
Regards
Michael
Sowas kommt von sowas.