Strictly speaking, the language itself shouldn't have any effect on how fast it executes, it's the implementation that really matters.
This is nonsense.
Language syntax has a huge impact on how hard or easy it is for a compiler (ahead-of-time, just-in-time, or hybrid) to produce fast native code.
If that effort is too large, in terms of development effort and/or compiler analysis effort, you will simply never see a compiler written for those kinds of languages that produces fast executables. This is the reality.
So, in pragmatic terms...yes, some languages are slow.
Because we don't want to spend our time thinking about pointers and how to iterate over things?
Because the only alternative to Python with higher performance is C or C++, and all of those non-existent alternatives have all the same pitfalls as C and C++?
That was covered in the article as well (kinda).. with the same kind of "just do more testing" type answers you hear from the PHP guys.
Personally I like my languages strongly typed, with as much idiot proofing and compile time checking as I can get and still have a usable language. Not as a substitute for testing/QA as the article would imply.. but as an additional layer.
Well said. Developers should think of static typing and strong typing as testing built right into the code -- testing your boss can't make you skip writing in order to meet a deadline, because if you have type errors, your code will not even compile.
I was a little bit disappointed by Guido's response regarding static vs. dynamic typing:
InfoWorld: You talked about the arguments for and against dynamic typing. You said that if you trust your compiler to find all the bugs in your program, you've not been doing software development for very long. So you're satisfied with Python being dynamic?
Van Rossum: Absolutely. The basic philosophy of the language is not going to change. I don't see Python suddenly growing a static subdivision or small features in that direction.
Proponents of static typing do not claim that compilers, combined with languages that use static typing, will find all the bugs in your program. This is nothing more than Infoworld erecting a straw man and Guido knocking it down.
However, static typing does make a huge number of potential errors stick out like a sore thumb (the compiler will refuse to compile the code, and will emit appropriate error messages).
Some people (rightfully) argue that dynamic typing makes for shorter, prettier, easier code.
Some of us believe the primary concern should be correctness, and that shorter, prettier, easier code are secondary concerns -- almost always. People should think about this every time their computer crashes, or an application crashes, or something is acting up and needs to be rebooted, or they get a virus through no fault of their own, or their data gets corrupted.
Will users be thinking, "Gosh, this sucks, but I'm sure glad the programmer used a dynamic language, because it made it easier on him (the programmer)."? No, they'll be thinking, "Damn buggy programs! I just lost X (hours,minutes,seconds) of work, and now I'm frustrated!" Programming languages are a means to an end, not an end in itself. Don't be a self centered developer: the fruits of your labor are for users, not so you can write the code equivalent of poetry.
Not to mention, statically typed languages allow for easy refactoring possibilities that make it possible to fix all sorts of serious issues, including architectural ones, with reasonable effort expended. Dynamic languages, while they have made some progress in the area of refactoring, are really in the dark ages here.
I know dynamically typed programming languages are the hotness right now, and I'm sure my opinion will be hammered relentlessly, but I do ask that if you disagree, don't mod me down, but instead, bring forth a reasonable argument for a different position. This should not be a popularity contest, where the loser is not heard, no matter what side the loser is on.
I thought we were bankrupt. Don't we have better things to spend (or save) our money on?
The U.S. won't go bankrupt, not as long as what is owed is U.S. dollars.
The U.S. can continue to inflate its currency, however (i.e., make each dollar worth less, by adding more dollars to the pool of dollars). This upsets "the 1%" a great deal, since they own almost everything. Somewhat impacted are "the 99%", but not nearly so much as your average person on the street might think.
Inflation really isn't so bad, because it makes U.S. exports more attractive (they effectively cost less), and all those people deep in credit card and mortgage debt effectively end up owing less money.
So when you claim that having to compete makes it hard for you to make a 'reasonable amount of money' you are demonstrating an inflated self worth.
I'm not sure why you're ranting at me about this. I didn't add, "And it's not fair! GPL should be banned! There should be a law!"
I am perfectly fine with people licensing their source code however they want, including usage of the GPL. I am merely pointing out the fact that it is difficult to make money selling GPL software. I'm not sure why, every time someone points this out, they're attacked as if they're anti-GPL.
And yes, I know, there are exceptions. But the monetary market for GPL software is a tiny, thin slice compared to fully commercial.
that believe in licensing software only, no where does the GNU or FSF manifesto declare paying for software is bad.
With source in hand, anyone could make your software available for free. That makes it really hard to make a reasonable amount of money selling software.
So, while you might be technically right, you're being intellectually dishonest.
This whining that nobody can build something perfect is just stupid.
I don't think anyone reasonable is asking for perfection -- I think that's a red herring designed to denigrate people who suggest that perhaps -- just perhaps -- web browser technology is below reasonable expectations.
For most pieces of software, some reasonable level of defects is expected, otherwise software development costs would be extremely high, and we would be using software with a lot less features. Software having some bugs is the trade-off the vast majority of us are willing make.
However, I think web browsers should be held to a higher standard, because of the costly damage that can result. Merely browsing through Google Image search results should not leave a Trojan on your system capable of stealing your bank account number and password next time you visit your bank web site -- which is an example of one of the zero day exploits recently uncovered.
Other pieces of software that should be held to higher standards are ssh and sshd (for obvious reasons), properly functioning file system security, embedded software in medical devices, etc.
I should make it clear that I'm not entirely blaming the browser makers -- obviously, enough users are complicit enough that we have what we have: a pile of zero day exploits for the three most popular browsers (IE, Firefox, Chrome) -- and like an iceberg, there are probably more -- a lot more -- hidden out of sight, but being actively sought by people with bad intentions.
Users are not demanding a high enough level of quality -- in my opinion. Severe browser exploit problems have been an ongoing problem for years and years. I'm astonished anyone thinks this is acceptable, and some people even excuse it in the name of progress! As a long-time developer, I can assure you that software being riddled with security bugs is not a precondition for progress.
Getting back to the real point of my post, which I'm not sure was clear enough: I think web technologies are partially to blame. I'm not talking about the implementations here (well, that too, I guess...), I'm talking about the specifications being sufficiently FUBAR that it's really, really hard to create a secure implementation that also performs well.
I'm not a professional web developer, and I'm not extremely knowledgeable about JavaScript, but I do know enough about the subject to know that JavaScript is designed in such a way that producing a high performing implementation is crazy difficult. (This is besides the language being riddled with horrible warts). Outrageous complexity is apparently necessary to produce high performance *cough* JavaScript implementations, and by definition means it will be riddled with bugs, because complexity is the enemy of security.
It could be that I'm talking out of my hat due to lack of deep familiarity with the technologies involved. My experience these days is primarily C and Java programming, but I know at least a half dozen languages, and I've been a professional software developer for more decades than I care to count.
But I do know that, when given a complex set of requirements, I break things down into layers, in which each layer is individually grokkable by a single good developer -- if need be -- so that security and stability problems become a lot more obvious. I'm not sure that web technologies are designed well enough to allow for this layering -- probably for performance reasons. And thus, I question the specifications themselves. Some specifications -- such as JavaScript -- will never lend themselves to an implementation that is both clean (i.e., secure) and high performance.
Not just in Japan, but everywhere. Bureaucrats and politicians are in the deep pockets of corporations and don't give a rancid wet fart about "The People" - then they spew so much bullshit at The People to get elected.
Capitalism crushes everything in its path, including democracy and common sense.
...but its great that Pwn2Own brought to light the reality that there is no "secure web browsing experience"...
It seems to me there must be fundamental problems with the web browser technologies themselves. The web has been extremely popular for a long time now, and it seems no company, no matter how talented, no matter how serious, no matter how security focused, no matter how well staffed, no matter how much money, can make a secure web browser. This is getting ridiculous!
Yes, I'm seriously thinking web technologies themselves are to blame. Overly complex? Over engineered? Fundamentally flawed? Complexity is the enemy of security. It's time for a re-think.
What do other people think? Is it time to trash the old and invent something new, something mere mortals can embrace, and actually create secure implementations?
But with all the work and effort and resources going into this, how is it that operations a tiny fraction of this can generate fast, reliable and standards complaint browsers better than MSIE?
And with more features, too!
It's 2012 and IE9 still doesn't have a built-in spellchecker for text areas! Among many other must-have features that are suspiciously absent.
Slashdot moderation simply hasn't evolved to the point where you can.
Good joke, but you've actually hit on a fundamental flaw with Slashdot's moderation system.
Once in a while, I have mod points. I dig really deep, and look really hard, for those comments that are truly insightful and informative. But I get punished for trying to do a really good job: many of my mod points expire before I can use them.
I've always wondered what the justification is for Slashdot mod points to have an arbitrary and artificial expiration date. Here's to hoping that, some day, the moderation system will evolve!
I have 8gb of memory on my main computer. I want firefox to use up as much of it as it can to improve my browsing experience.
I don't, because I do other things on my computer, too. If any given application is using all the memory it possibly can, the rest of the system will behave more poorly as a result. Once you start swapping, your performance drops like a rock.
Ah, good old Slashdot. Pro GPL comments always go +5, Insightful and anti GPL comments always go -1, Troll, no matter what. This will be no exception, but I feel compelled to respond in case there is anyone left on Slashdot that is not completely brainwashed.
To be on the safe side we should all probably always use AGPL and/or GPLv3 for everything. We can always go less restrictive...
No. No, no, no. A thousand times no. GPL source code tends to attract more and more contributors. Over time, you have so many contributors that "going back" to another license becomes practically impossible, because at some point you can't successfully contact them all and get them all to agree to a license change. This was RMS's plan from the start -- for GPL to spread in this fashion. If you don't believe me, go look it up.
When that happens, you can't "go back" to a less restrictive license. To do something as simple as change the license... you have to do a full rewrite.
This is one reason why I'm not a fan of the GPL -- it becomes increasingly unlikely to ever be able make a license change over time, and I think that's an awfully bad thing for people.
See LGPL 2.1 section 6.a or LGPL 3.0 section 4.d.0.
Ah, that's interesting, thanks. I don't personally use any GPL or LGPL source code because I don't like the requirements, but it's nice to know there's a way to work-around supplying your source code when you want to statically link LGPL code.
Why? IE9 is a completely good browser. It's on par with Chrome, but in fact it offers even more features and security than Firefox does currently, like sandboxing. It's also standards compliant and supports HTML5. There's nothing to hate about IE9.
The fact that people -- even technology geeks -- have to work so hard to research an Android device (whether smartphone or tablet) that is decent is why I keep recommending Apple to friends and relatives.
Google really needs to put their foot down and demand a reasonable set of minimum requirements to ensure people don't end up having a crappy Android experience (which is currently all too likely).
You may want to "wait and see" if Dart takes off first. (I don't think it will.)
It seems like developers are becoming increasingly skeptical of adopting Google technologies, and for good reason. Those technologies often don't take off. Also, Google tends to hype some technologies, getting a lot of developers on board, and then abandon them (or support them so badly they may as well be abandoned).
There are a lot of great technologies out there you can learn instead, that have wider industry acceptance, and are not likely to be abandoned. Dart does not offer anything special, and Google does not have a trustworthy track record.
I'm sure there was a point in time where Chrome was faster than Firefox, but there's really no reason to stick with it anymore.
My primary computer is a netbook, and I can assure you Chrome is faster and more responsive than Firefox. With such limited hardware, the difference can be surprisingly noticeable (especially when it comes to UI latency).
Also, when I close Chrome tabs, they actually return much needed memory back to the OS, unlike Firefox.
I wonder which is worse: spending $1 in exchange for a little enjoyable fantasizing about what it would be like to be rich, or complaining endlessly on Slashdot about how stupid everyone else is.
Slashdot Mirror
Strictly speaking, the language itself shouldn't have any effect on how fast it executes, it's the implementation that really matters.
This is nonsense.
Language syntax has a huge impact on how hard or easy it is for a compiler (ahead-of-time, just-in-time, or hybrid) to produce fast native code.
If that effort is too large, in terms of development effort and/or compiler analysis effort, you will simply never see a compiler written for those kinds of languages that produces fast executables. This is the reality.
So, in pragmatic terms...yes, some languages are slow.
Because we don't want to spend our time thinking about pointers and how to iterate over things?
Because the only alternative to Python with higher performance is C or C++, and all of those non-existent alternatives have all the same pitfalls as C and C++?
*sigh*
That was covered in the article as well (kinda) .. with the same kind of "just do more testing" type answers you hear from the PHP guys.
Personally I like my languages strongly typed, with as much idiot proofing and compile time checking as I can get and still have a usable language. Not as a substitute for testing/QA as the article would imply.. but as an additional layer.
Well said. Developers should think of static typing and strong typing as testing built right into the code -- testing your boss can't make you skip writing in order to meet a deadline, because if you have type errors, your code will not even compile.
I was a little bit disappointed by Guido's response regarding static vs. dynamic typing:
InfoWorld: You talked about the arguments for and against dynamic typing. You said that if you trust your compiler to find all the bugs in your program, you've not been doing software development for very long. So you're satisfied with Python being dynamic?
Van Rossum: Absolutely. The basic philosophy of the language is not going to change. I don't see Python suddenly growing a static subdivision or small features in that direction.
Proponents of static typing do not claim that compilers, combined with languages that use static typing, will find all the bugs in your program. This is nothing more than Infoworld erecting a straw man and Guido knocking it down.
However, static typing does make a huge number of potential errors stick out like a sore thumb (the compiler will refuse to compile the code, and will emit appropriate error messages).
Some people (rightfully) argue that dynamic typing makes for shorter, prettier, easier code.
Some of us believe the primary concern should be correctness, and that shorter, prettier, easier code are secondary concerns -- almost always. People should think about this every time their computer crashes, or an application crashes, or something is acting up and needs to be rebooted, or they get a virus through no fault of their own, or their data gets corrupted.
Will users be thinking, "Gosh, this sucks, but I'm sure glad the programmer used a dynamic language, because it made it easier on him (the programmer)."? No, they'll be thinking, "Damn buggy programs! I just lost X (hours,minutes,seconds) of work, and now I'm frustrated!" Programming languages are a means to an end, not an end in itself. Don't be a self centered developer: the fruits of your labor are for users, not so you can write the code equivalent of poetry.
Not to mention, statically typed languages allow for easy refactoring possibilities that make it possible to fix all sorts of serious issues, including architectural ones, with reasonable effort expended. Dynamic languages, while they have made some progress in the area of refactoring, are really in the dark ages here.
I know dynamically typed programming languages are the hotness right now, and I'm sure my opinion will be hammered relentlessly, but I do ask that if you disagree, don't mod me down, but instead, bring forth a reasonable argument for a different position. This should not be a popularity contest, where the loser is not heard, no matter what side the loser is on.
I thought we were bankrupt. Don't we have better things to spend (or save) our money on?
The U.S. won't go bankrupt, not as long as what is owed is U.S. dollars.
The U.S. can continue to inflate its currency, however (i.e., make each dollar worth less, by adding more dollars to the pool of dollars). This upsets "the 1%" a great deal, since they own almost everything. Somewhat impacted are "the 99%", but not nearly so much as your average person on the street might think.
Inflation really isn't so bad, because it makes U.S. exports more attractive (they effectively cost less), and all those people deep in credit card and mortgage debt effectively end up owing less money.
So when you claim that having to compete makes it hard for you to make a 'reasonable amount of money' you are demonstrating an inflated self worth.
I'm not sure why you're ranting at me about this. I didn't add, "And it's not fair! GPL should be banned! There should be a law!"
I am perfectly fine with people licensing their source code however they want, including usage of the GPL. I am merely pointing out the fact that it is difficult to make money selling GPL software. I'm not sure why, every time someone points this out, they're attacked as if they're anti-GPL.
And yes, I know, there are exceptions. But the monetary market for GPL software is a tiny, thin slice compared to fully commercial.
Unlike the Paytards I would call them,
Very mature.
that believe in licensing software only, no where does the GNU or FSF manifesto declare paying for software is bad.
With source in hand, anyone could make your software available for free. That makes it really hard to make a reasonable amount of money selling software.
So, while you might be technically right, you're being intellectually dishonest.
Yeah, a nuclear disaster would never happen in a non-capitalist country!
That is not true, so I guess it's a good thing I didn't say, suggest, or imply it.
This whining that nobody can build something perfect is just stupid.
I don't think anyone reasonable is asking for perfection -- I think that's a red herring designed to denigrate people who suggest that perhaps -- just perhaps -- web browser technology is below reasonable expectations.
For most pieces of software, some reasonable level of defects is expected, otherwise software development costs would be extremely high, and we would be using software with a lot less features. Software having some bugs is the trade-off the vast majority of us are willing make.
However, I think web browsers should be held to a higher standard, because of the costly damage that can result. Merely browsing through Google Image search results should not leave a Trojan on your system capable of stealing your bank account number and password next time you visit your bank web site -- which is an example of one of the zero day exploits recently uncovered.
Other pieces of software that should be held to higher standards are ssh and sshd (for obvious reasons), properly functioning file system security, embedded software in medical devices, etc.
I should make it clear that I'm not entirely blaming the browser makers -- obviously, enough users are complicit enough that we have what we have: a pile of zero day exploits for the three most popular browsers (IE, Firefox, Chrome) -- and like an iceberg, there are probably more -- a lot more -- hidden out of sight, but being actively sought by people with bad intentions.
Users are not demanding a high enough level of quality -- in my opinion. Severe browser exploit problems have been an ongoing problem for years and years. I'm astonished anyone thinks this is acceptable, and some people even excuse it in the name of progress! As a long-time developer, I can assure you that software being riddled with security bugs is not a precondition for progress.
Getting back to the real point of my post, which I'm not sure was clear enough: I think web technologies are partially to blame. I'm not talking about the implementations here (well, that too, I guess...), I'm talking about the specifications being sufficiently FUBAR that it's really, really hard to create a secure implementation that also performs well.
I'm not a professional web developer, and I'm not extremely knowledgeable about JavaScript, but I do know enough about the subject to know that JavaScript is designed in such a way that producing a high performing implementation is crazy difficult. (This is besides the language being riddled with horrible warts). Outrageous complexity is apparently necessary to produce high performance *cough* JavaScript implementations, and by definition means it will be riddled with bugs, because complexity is the enemy of security.
It could be that I'm talking out of my hat due to lack of deep familiarity with the technologies involved. My experience these days is primarily C and Java programming, but I know at least a half dozen languages, and I've been a professional software developer for more decades than I care to count.
But I do know that, when given a complex set of requirements, I break things down into layers, in which each layer is individually grokkable by a single good developer -- if need be -- so that security and stability problems become a lot more obvious. I'm not sure that web technologies are designed well enough to allow for this layering -- probably for performance reasons. And thus, I question the specifications themselves. Some specifications -- such as JavaScript -- will never lend themselves to an implementation that is both clean (i.e., secure) and high performance.
Not just in Japan, but everywhere. Bureaucrats and politicians are in the deep pockets of corporations and don't give a rancid wet fart about "The People" - then they spew so much bullshit at The People to get elected.
Capitalism crushes everything in its path, including democracy and common sense.
...but its great that Pwn2Own brought to light the reality that there is no "secure web browsing experience"...
It seems to me there must be fundamental problems with the web browser technologies themselves. The web has been extremely popular for a long time now, and it seems no company, no matter how talented, no matter how serious, no matter how security focused, no matter how well staffed, no matter how much money, can make a secure web browser. This is getting ridiculous!
Yes, I'm seriously thinking web technologies themselves are to blame. Overly complex? Over engineered? Fundamentally flawed? Complexity is the enemy of security. It's time for a re-think.
What do other people think? Is it time to trash the old and invent something new, something mere mortals can embrace, and actually create secure implementations?
But with all the work and effort and resources going into this, how is it that operations a tiny fraction of this can generate fast, reliable and standards complaint browsers better than MSIE?
And with more features, too!
It's 2012 and IE9 still doesn't have a built-in spellchecker for text areas! Among many other must-have features that are suspiciously absent.
Microsoft is still impressively thoroughly evil. This is just more of the same.
You can't even stream Netflix with your Xbox 360 without subscribing to Xbox Live.
There is no good reason for this, except Microsoft being greedy, evil bastards.
Slashdot moderation simply hasn't evolved to the point where you can.
Good joke, but you've actually hit on a fundamental flaw with Slashdot's moderation system.
Once in a while, I have mod points. I dig really deep, and look really hard, for those comments that are truly insightful and informative. But I get punished for trying to do a really good job: many of my mod points expire before I can use them.
I've always wondered what the justification is for Slashdot mod points to have an arbitrary and artificial expiration date. Here's to hoping that, some day, the moderation system will evolve!
I have 8gb of memory on my main computer. I want firefox to use up as much of it as it can to improve my browsing experience.
I don't, because I do other things on my computer, too. If any given application is using all the memory it possibly can, the rest of the system will behave more poorly as a result. Once you start swapping, your performance drops like a rock.
Ah, good old Slashdot. Pro GPL comments always go +5, Insightful and anti GPL comments always go -1, Troll, no matter what. This will be no exception, but I feel compelled to respond in case there is anyone left on Slashdot that is not completely brainwashed.
To be on the safe side we should all probably always use AGPL and/or GPLv3 for everything. We can always go less restrictive...
No. No, no, no. A thousand times no. GPL source code tends to attract more and more contributors. Over time, you have so many contributors that "going back" to another license becomes practically impossible, because at some point you can't successfully contact them all and get them all to agree to a license change. This was RMS's plan from the start -- for GPL to spread in this fashion. If you don't believe me, go look it up.
When that happens, you can't "go back" to a less restrictive license. To do something as simple as change the license... you have to do a full rewrite.
This is one reason why I'm not a fan of the GPL -- it becomes increasingly unlikely to ever be able make a license change over time, and I think that's an awfully bad thing for people.
See LGPL 2.1 section 6.a or LGPL 3.0 section 4.d.0.
Ah, that's interesting, thanks. I don't personally use any GPL or LGPL source code because I don't like the requirements, but it's nice to know there's a way to work-around supplying your source code when you want to statically link LGPL code.
You can static link with LGPL code if you provide your .o object files.
I've never heard such a thing. Can you provide a reference?
Why? IE9 is a completely good browser. It's on par with Chrome, but in fact it offers even more features and security than Firefox does currently, like sandboxing. It's also standards compliant and supports HTML5. There's nothing to hate about IE9.
IE9 has no spellchecker in text areas. :-(
The fact that people -- even technology geeks -- have to work so hard to research an Android device (whether smartphone or tablet) that is decent is why I keep recommending Apple to friends and relatives.
Google really needs to put their foot down and demand a reasonable set of minimum requirements to ensure people don't end up having a crappy Android experience (which is currently all too likely).
The Wii has a pretty good Netflix client/interface.
You mean HAD a pretty good Netflix client/interface.
A recent update to the Netflix client on the Wii turned it into a huge pile of slow, laggy, ugly crap.
Also, since the "upgrade", I often (maybe 20% of the time) can't get streams to start at all. Sigh.
Netflix is increasingly losing their way.
You may want to "wait and see" if Dart takes off first. (I don't think it will.)
It seems like developers are becoming increasingly skeptical of adopting Google technologies, and for good reason. Those technologies often don't take off. Also, Google tends to hype some technologies, getting a lot of developers on board, and then abandon them (or support them so badly they may as well be abandoned).
There are a lot of great technologies out there you can learn instead, that have wider industry acceptance, and are not likely to be abandoned. Dart does not offer anything special, and Google does not have a trustworthy track record.
I'm sure there was a point in time where Chrome was faster than Firefox, but there's really no reason to stick with it anymore.
My primary computer is a netbook, and I can assure you Chrome is faster and more responsive than Firefox. With such limited hardware, the difference can be surprisingly noticeable (especially when it comes to UI latency).
Also, when I close Chrome tabs, they actually return much needed memory back to the OS, unlike Firefox.
It seems no one has mentioned it yet, so I will.
I believe Lua (the programming language and virtual machine) is from academia -- the Pontifical Catholic University of Rio de Janeiro in Brazil.
Lua is used in a lot of games and embedded in a lot of software. I think even World of Warcraft makes use of it.
For more information and links, see About Lua.
I wonder which is worse: spending $1 in exchange for a little enjoyable fantasizing about what it would be like to be rich, or complaining endlessly on Slashdot about how stupid everyone else is.