19 Aug
2006
19 Aug
'06
4:04 p.m.
Don wrote:
It's like claiming "run Java/Inferno/etc. on
your machine and you'll
never have to worry about security issues" (unless, of course,
someone boots the machine to a "non-Java" state!)
I'm somewhat
unhappy with Java. It allows junior programmers to do
silly things, like allocate lots of memory and not have to worry about
it just because there's a garbage collector. In real life, what happens
is that they write applications with hundreds, even thousands of threads
that grab resources other than just memory such as JDBC connections, or
file handles and never properly release them.
Then, when those crash, they jump up and down claiming it must be
something wrong with the OS because their application is perfect, and
the crash must be some misconfiguration.
Worse yet, it's difficult for a sysadmin to prove anything unless they
allow for heap dumps, so you can't pinpoint the bug in their code to
show them, that no, it is indeed their bugs that caused this.
Luckily, we do have one or two more senior developers who actually
bother to seek out the crappy code and are honest enough to point it out.
If you write stuff like that in C or assembly it isn't masked by a GC,
it's very clear that something is wrong, and a lot easier to locate bugs
using truss, systrace, gdb, etc.
The trouble isn't so much that java allows these things, but rather that
it creates too many low paid junior programmers which get hired because
they're cheaper than more experienced ones. i.e. hiring two junior guys
instead of one more senior guy who at least knows what he's doing.