Keagan McClelland
Jul 21, 2017 · 1 min read

I don’t think it’s as much a question of either/or. I think, or at least I hope, the industry understands the value of testing and trying to design and write secure code. But the entire premise of technology is that we need to delegate things we are bad at and have to do often to machines. What that means is that we should accept help in any way we can get it. Sure, better PL’s will not solve all bugs and security issues, but they will solve some, and so throwing the tool away because it only solves some of your problems is misguided. What better proofs and verifications do is they prove that your code is consistent (in an algebraic sense) and provides a greater degree of assurance that the code does what you intended, at least more so than our classical tools.

The assumption here is that your approach to the problem is correct. This is where code readability is paramount. It needs to be painfully obvious when reading code, what it is trying to accomplish. Again, this can be assisted with better languages, but not solved.

The reason I bring up this section is that the industry already recognizes the value of testing, failover, redundancy etc. But I don’t think it has yet to understand the value of better PL/Compilers. And I believe it’s time we ditch the argument that “you can write bad code in any language, so languages don’t really matter”. While the premise may be correct, the conclusion does not follow, and worse, is actually counter productive.

)

    Keagan McClelland

    Written by

    Hacker, Climber