There are many reasons why Java is a safe language, and it's definitely safer than some languages, but I think it's a stretch to say that it's safer than all other languages.
Java has a variety of safety features in place:
Automatic null-checking of references, bounds-checking of arrays, verification of casts, etc. to prevent the program from making type errors. Compare this to C or C++, where these same errors (with a few exceptions) cause undefined behavior.
Verification of bytecode prior to execution. This makes it impossible for the program to jump to an undefined instruction, or to try to perform an operation on a nonexistent object, or to make a type error at the instruction level, etc. Compare this to C or assembly, where the program can jump to bad instructions, or try reading nonexistent parameters to functions (think
va_args), etc.)Runtime security checks when loading in new code. The use of
SecurityManagerandClassLoadermake it easy for the Java runtime to prevent arbitrary code from executing on the computer by mediating access to system resources and preventing the program from loading or generating arbitrary code at runtime. Compare this to C or C++, which can read and write arbitrary values, issue arbitrary system calls, generate and execute arbitrary code, etc.Library-level safety of certain features. For example,
Stringis immutable andfinal, so a function that receives aStringcan verify the string and not have to worry about another thread changing its value.
This isn't a complete list of Java's safety features, but it should give you a sense of some of the design considerations in Java that are not present in other languages.
Hope this helps!
Answer from templatetypedef on Stack Overflow.net - Why Java is secure compared with other programming languages? - Stack Overflow
What makes Java secure than C++?
security - Why is Java labeled as a "secure" language? - Stack Overflow
C++ or Java for a career in Information Security - Information Security Stack Exchange
There are many reasons why Java is a safe language, and it's definitely safer than some languages, but I think it's a stretch to say that it's safer than all other languages.
Java has a variety of safety features in place:
Automatic null-checking of references, bounds-checking of arrays, verification of casts, etc. to prevent the program from making type errors. Compare this to C or C++, where these same errors (with a few exceptions) cause undefined behavior.
Verification of bytecode prior to execution. This makes it impossible for the program to jump to an undefined instruction, or to try to perform an operation on a nonexistent object, or to make a type error at the instruction level, etc. Compare this to C or assembly, where the program can jump to bad instructions, or try reading nonexistent parameters to functions (think
va_args), etc.)Runtime security checks when loading in new code. The use of
SecurityManagerandClassLoadermake it easy for the Java runtime to prevent arbitrary code from executing on the computer by mediating access to system resources and preventing the program from loading or generating arbitrary code at runtime. Compare this to C or C++, which can read and write arbitrary values, issue arbitrary system calls, generate and execute arbitrary code, etc.Library-level safety of certain features. For example,
Stringis immutable andfinal, so a function that receives aStringcan verify the string and not have to worry about another thread changing its value.
This isn't a complete list of Java's safety features, but it should give you a sense of some of the design considerations in Java that are not present in other languages.
Hope this helps!
You mention you read some where but can you please re-read it because I guess when it was written the author would be comparing the JAVA with C++ / Fortran / C etc.
Also there is an old post you can read about the testability of security in http://www.veracode.com/blog/2010/06/which-tastes-better-for-security-java-or-net/
you can see both are same almost....
IMHO, that's a very misleading statement. In Java, you cannot access out-of-bound arrays, and you don't have pointers, and thus several security flaws like stack corruption or buffer overflow is impossible to exploit in Java. But Java is not inherently more secure than any other language; it's just there is less chance to make mistakes that can cause security flaws. In effect, this reduces security flaws, but it's totally misleading to say Java is secure.
There are two things that make Java "more secure" than other language in certain aspects:
- Automatic array bounds checking and the lack of manual memory management make certain classes of programming mistakes that often cause serious security holes (such as buffer overruns) impossible. Most other modern languages share this feature, but C and C++, which were dominant (and still are major) application development languages at the time Java first appeared, do not.
- The Security Manager concept makes it relatively easy to run Java applications in a "sandbox" that prevents them from doing any harm to the system they are running on. This played an important part in promoting Java during its early days, since Applets were envisioned as a ubiquitous, safe way to have client-side web applications.
Don't choose; learn both.
If you want to make a career which involves programming (and most careers in information security do that), then you must learn programming, not programming languages. If you concentrate on a single language then you will be a very poor programmer, and your career will fail.
Programming is a state of the mind; languages are distractions.
Information security is a broad field. Depending on the branch you want to specialize you might find useful to learn C, C++, Java, python, shellscripting or neither. About the two you have mention:
- C++ will give you a lot of knowledge about how memory should be managed, and how to build secure code with these assumptions.
- Java will give you a lot of knowledge about how a virtual machine works and how to build secure code with these assumptions.
- Others will tell you that once you know how to program, selecting a language program is about knowing some small details.
Consider that even after mastering the two of them you will learn nothing about communications, cryptography, secret management... Securing is not about programming languages. Securing (well, a big simplification) is about information and how is it treated, stored, shared and by whom (confidentiality, availability, integrity and non-repudio).
But if you want a closer tech security approach...
I learnt a lot about security getting into the Debian (linux) world, I really believe that getting inside the linux administration world will give you big notions about security and security design. Then learning basic cryptography and how communications works will give you the rest. After you have managed all these concepts (and believe me, that is a lot to say) you will need to take into consideration thousands of regulations and security standards.
Is an arduous path, but it is a nice one =)
[Edit] Addendum: I belive the better place to learn about the topics you want is a forum, any hacking forum will do for a beginner level... You eventually will meet people and will find sources of information as you continue learning.
If you use Java like most other programming languages, e.g. to write standalone applications, it is no less secure than other languages and more secure than C or C++ because of no buffer overflows etc.
But Java is regularly used as a plugin inside the web browser, e.g. similar to Flash. Because in this case the user runs untrusted code without having explicitly installed it, the idea is to have the code run inside a limited sandbox, where it should not be able to somehow act against the system or the user (e.g. read local files and send them to the website, scan the local network etc). And this is where Java failed in the recent years, e.g. new bugs popped up sometimes on a daily basis which allowed escaping from the sandbox.
Also, sometimes bugs in the byte code interpreter or native libraries lead to buffer overflows and could compromise the system, but in this regard Flash is usually considered worse.
And as for the other languages being better: these usually can't even run as untrusted code inside a sandbox (exception is JavaScript and maybe Flash), so they would be even worse because there is no inherent way to limit their interaction with the system.
The security vulnerabilites reported are not about Java (the programming language), which, by virtue of the JVM enforcing memory safety, is actually more robust than languages such as C or C++, where buffer overflows and buffer over-reads remain a threat, and can result in messes like Heartbleed.
Instead, the vulnerabilites reported are in the Java Sandbox, which attempts to enforce a priviledge model that permits safe execution of untrusted code, and is most famously used to permit the automatic execution of Java Applets in a browser. That sandbox is riddled with holes. Also, Oracle releases patches (the "critical patch updates") only 4 times a year. Needless to say to browser vendors are not happy about this. Firefox, for instance, is requiring user authorisation to launch a Java Applet since Firefox 26.
The reason the press reports do not make that distinction is that Oracle uses the "Java" trademark both for the programming language, and the browser plugin that runs applets. In fact, if an ordinary user encounters the Java trademark, it probably refers to the latter.
It is somewhat speculative why exactly the Sandbox remains vulnerable. If you ask me, one reason is that the same API is used both with and without the Sandbox, and most Java code runs without the Sandbox (because the code is trusted). As a result, it is quite possible for a developer to forget about that obscure feature when changing the Java API or its implementation, accidentally exposing things that should be protected (to illustrate how easy that is, behold the lengthy Secure Coding Guidelines for Java SE). Another but related reason is the sheer size of the Java API (5800 classes, and nearly 50,000 methods, for Java SE 6).
First, the security issues are more a question of the implementation, rather than the language. Java does impose some security checks (bounds checking, etc.) that are optional (and very expensive in runtime) in C++. With regards to your specific issues:
I presume this refers to the classical buffer overrun issue, which often was a problem in C. In C++, we use
std::vector, which can (and usually does, at least when the correct compiler options are given) do the same checks as Java. If, on the other hand, it does refer to stack overflow (e.g. as a result of too deep recursion), then because the stack of the JVM is not the machine stack, Java can do extra checks, and also guarantee an out of memory exception in the case of stack overflow. (This is also possible in C++, but I don't know of a compiler which does it. And the operating systems don't always make it that easy.)This is an OS issue, not a language issue. Modern OS's doesn't allow programs to access memory outside their own process space, so neither Java nor C++ allow it.
As above, this is an OS issue, not a language issue, and modern OS's enforce it relatively well, regardless of whether the program is written in Java or in C++.
In summary, both 2 and 3 are impossible, regardless of the language, and 1 won't occur in well written C++ (although it was a problem in the past with C).
Java is a reasonably secure language because of a few reasons, focusing mostly on your 3 points, Java is more secure than other languages, predominantly because it executes bytecode instructions in its own virtual machine, not native code. It does not allow out of bounds array access, and has no pointer access. This pretty much answers your first 2 points. As for reading and writing without permission I am not sure what you mean by that. Inherently file reading and writing is controlled at an operating system level. Without some exploit to gain more permission than it should, no matter what language it is written in, a program cannot write or read to files the OS prohibits it from. If you mean without permission from an application standpoint, from say a plugin system, then you would need to look into adding a security manager or your own vetting to prevent plugins or modules from altering files under your applications process.
Is there any specific programming language to build highly secure and reliable software or does every programming language works the same and it depends on how we code?