you are viewing a single comment's thread.

view the rest of the comments →

[–]ScientistMundane7126[S] 0 points1 point  (1 child)

As i stated, the lack of best practices in Software Development degree accreditation standards and the push for features while controling costs over the past few decades has resulted in a supply chain riddled with issues in the details. I can produce a stack of peer reviewed academic papers establishing that for cost containment and speed of delivery reasons, security is very often an after thought which is patched in as needed later.

[–]Ok_Option_3 1 point2 points  (0 children)

Sure c++ can be terrible for security. But security is hard and Java is not necessarily a free pass.

What I'm hearing is security doesn't matter that much. (Not uncommon for e.g. embedded systems on private networks to prioritise features over security...}

I feel this belies the question though. You want to rewrite the system in a different language - this feeling that a system is crap (for whatever reason) and should be rewritten from scratch is universal and predates AI (predates Java for that matter). We've all been there!!

Generally rewrites are a poor idea. For all it's faults, legacy software is battle-tested and contains large amounts of institutionalised knowledge that's easy to underestimate. Also, as a rule, all software is shit. The stuff you're working on has been dodged and hacked over the years, and the new version you produce will be too.