Gosling Claims Huge Security Hole in .NET

renai42 writes "Java creator James Gosling this week called Microsoft's decision to support C and C++ in the common language runtime in .NET one of the 'biggest and most offensive mistakes that they could have made.' Gosling further commented that by including the two languages into Microsoft's software development platform, the company 'has left open a security hole large enough to drive many, many large trucks through.'" Note that this isn't a particular vulnerability, just a system of typing that makes it easy to introduce vulnerabilities, which last time I checked, all C programmers deal with.

Phew!

[rackhamh]

Good thing Linux isn't written in...

Oh. Never mind!

Woah

[pHatidic]

CowboyNeal is defending Microsoft. Someone take a screengrab, Slashdot's been hacked!

A truck, eh?

[Faust7]

the company 'has left open a security hole large enough to drive many, many large trucks through.'"

Like, say, a truck about the size of Sun's Java runtime environment.

Homeowners!! Beware!

[Stevyn]

No longer should homes be built using nails. All new homes should be built with really strong glue. Even though nails are faster and easier to work with, a carpenter might accidentally smash his thumb with a hammer. Plus, nails contain metal which may warp your home in the event a huge magnet is placed near the house.

--The Elmer's Glue Foundation for Strength and Security

I believe Gosling is wrong

[frovingslosh]

James Gosling this week called Microsoft's decision to support C and C++ in the common language runtime in .NET one of the 'biggest and most offensive mistakes that they could have made.'

Gosling is dead wrong. I believe that Microsoft will soon prove they are capable of even bigger and more offensive security mistakes.

Also, the choice to actually use .NET is at least as big of a security error.