Electronic voting feasibility
Peter Hansen
peter at engcorp.com
Fri Sep 10 00:15:26 EDT 2004
Greg Steffensen wrote:
> I'm designing a web portal for universities (a free software, by/for
> students thing), and I'm considering including an electronic voting
> component. ...
> Are there any technical reasons that Python would be a poor choice for
> this? I have no illusions that its possible to build a perfect system,
> but would Python be more vulnerable than C or Java for some reason?
If anything, Python will be much *more* secure than C, and possibly
slightly less secure than Java. On the other hand, once we're past
the old buffer overflow issues (always an issue with C, effectively
never an issue with Python) and similar low-level technical problems,
we are in the realm where the *design of your system* is more likely
to be the cause of any security flaws, rather than the tools used.
Here, too, Python may have an advantage, as it should allow you to
build the system in a way that more closely matches the design.
Python is fairly high level, even compared to Java, so in should
let you spend less time coding and more time designing, and for
a security-sensitive app that is the most important thing (after
what might really be the most important thing, which is to become a
security guru...or hire one).
> I'm not a security guru, but ...
:-)
-Peter
> choice of language is largely arbitrary.
> Is this wrong? Are there reasons to choose/avoid Python?
Very few reasons to avoid, many reasons to choose. The choice
shouldn't be arbitrary, but neither should it be based solely
on the question you ask in this message (roughly, "is Python
more secure than C or Java?").
-Peter
More information about the Python-list
mailing list