In a world of increasing inter-connectivity, programming languages form the foundation. Did you know that the first programming language is over 100 years old and was written by a woman, Ada Lovelace? Join as us we delve into the history, evolution, and prevalance of programming languages over the years. In addition to outlining the history of languages and how each is traditionally used, you'll find information on what type of vulnerabilities are most common in programs developed in each language and which flaws are most typically fixed once discovered.
The TIOBE index: An indicator of the popularity of various languages, based upon global numbers of engineers, courses, and third-party vendors
|Position Jan 2013||Position Jan 2012||Delta in Position||Programming Language||Ratings Jan 2013||Delta Jan 2012||Status|
1957 - Fortran (short for “The IBM Mathematical Formula Translating System”) General-purpose, high-level. For numeric and scientific computing (as an alternative to assembly language). Oldest programming language still used today.
1958 - Lisp (short for “List Processor”) High-level. For mathematical notation. Several new computer science topics: tree data structures, automatic storage management, dynamic typing, and self-hosting compilers
1959 - Cobol (short for "Common Business-Oriented Language) High-level. Primarily for business computing. First programming language to be mandated by the US Department of Defense.
1964 - BASIC (acronym for “Beginner’s All-purpose Symbolic Instruction Code”) General-purpose, high-level. Designed for simplicity. Popularity exploded in the mid-‘70s with home computers; early computer games were often written in Basic, including Mike Mayfield’s Star Trek.
1970 - Pascal (after French mathematician/physicist Blaise Pascal) High-level. For teaching structured programming and data structuring. Commercial versions widely used throughout the ‘80s.
1980 - Ada (After Ada Lovelace, inventor of the first programming language) High-level. Derived from Pascal. Contracted by the US Department of Defense in 1977 for developing large software systems.
1983 - C++ (formerly “C with Classes”; ++ is the increment operator in “C”) Intermediate-level, object-oriented. An extension of C, with enhancements such as classes, virtual functions, and templates.
1983 - Objective-C (object-oriented extension of “C”) General-purpose, high-level. Expanded on C, adding message-passing functionality based on Smalltalk language.
1987 - Perl (a language named "PEARL" already existed, so "Pearl" wasn't an option...) General-purpose, high-level. Created for report processing on Unix systems. Today it’s known for high power and versatility.
1991 - Python (for British comedy troupe Monty Python – tutorials, sample code, and instructions often reference them) General-purpose, high-level. Created to support a variety of programming styles and be fun to use.
1993 - Ruby (the birthstone of one of the creator's collaborator) General-purpose, high-level. A teaching language influence by Perl, Ada, Lisp, Smalltalk, etc. Designed for productive and enjoyable programming.
1995 - Java (for the amount of coffee consumed while developing the language) General-purpose, high-level. Made for an interactive TV project. Cross-platform functionality. Second most popular language (behind C).2
1995 - PHP ("Personal Home Page") Open-source, general-purpose. For building dynamic web pages. Most widely used open-source software by enterprises.
|Code Quality||86%||Cytographical Issues||78%||Error Handling||87%|
|Cyptographical Issues||73%||Code Quality||75%||Buffer Overflow||75%|
|Directory Traversal||73%||Directory Traversal||65%||Buffer Management Errors||74%|
|CRLF Injection||71%||Information Leakage||61%||Numeric Errors||74%|
|Information Leakage||56%||Time and State||46%||Cyptographic Issues||66%|
|Time and State||56%||Cross-site Scripting (XSS)||43%||Directory Traversal||55%|
|Insufficient Input Validation||54%||CRLF Injection||41%||Dangerous Functions||51%|
|Cross-site Scripting (XSS)||49%||Insufficient Input Validation||34%||Time and State||44%|
|Credentials Management||44%||SQL Injection||32%||Code Quality||40%|
|API Abuse||42%||OS Command Injection||23%||Untrusted Search Path||27%|
|SQL Injection||41%||Credentials Management||19%||Format String||24%|
|Encapsulation||26%||Untrusted Search Path||18%||Race Conditions||23%|
|Session Fixation||25%||Error Handling||18%||OS Command Injection||20%|
|OS Command Injection||21%||Buffer Management Errors||6%||API Abuse||13%|
|Race Conditions||18%||Buffer Overflow||6%||Information Leakage||11%|
Takeaways from the Above Table: