Note that this is not about the .NET CLR that Microsoft is thrusting into the atmosphere to evangelize the concept of managed code. Most of you know that managed code has been around for quite some time and isn't very related to rocket science.
请注意,这与微软正在向大气层传播托管代码概念的.NET CLR无关。大多数人都知道托管代码已存在很长时间,与火箭科学无关。
What I would like to know is why the concept of runtime security in the evolution of computers came so late.
我想知道的是为什么计算机发展中运行时安全的概念来得太晚了。
I know this is like asking "why didn't the first Model T Ford come with airbags and seat belts?". The relevance of the question still stands despite this though, because it's well within human nature to protect againts known dangers. E.g. the first T-Ford didn't go fast enough to motivate airbag research. It didn't go fast enough for people to make fatal judgemental errors so often that it would motivate seat belt as law and standard in many countries.
我知道这就像问“为什么第一辆T型福特不带安全气囊和安全带?”。尽管如此,这个问题的相关性仍然存在,因为保护已知的危险在人性中是很好的。例如。第一辆T-Ford的速度不够快,不足以激励安全气囊研究。它的速度不够快,人们常常做出致命的判断错误,以至于它会激励安全带成为许多国家的法律和标准。
In computer evolution it's almost the other way around. We started out with assembler, the equivalent of driving a T-Ford at 200mph with an eye-patch. I've had the pleasure of conversating with a few old truckers from this era, hearing these stories about hand-assembling assembly code, human debuggers, grillion lines of code etc. If we make a really nasty error in C, we might end up with a bluescreen. Decades ago, you could end up with damaged hardware and god knows what. But it's a mystery to me - so many decades, and all we did to make crashing less painful was the bluescreen (sorry for using MS as archetype for anything).
在计算机进化中,它几乎是另一种方式。我们开始使用汇编程序,相当于以200英里每小时的速度驾驶T-Ford。我有幸与这个时代的几个老卡车司机交谈,听到这些关于手工组装汇编代码,人工调试器,格栅代码等的故事。如果我们在C中犯了一个非常讨厌的错误,我们可能最终会蓝屏。几十年前,你最终可能会损坏硬件,上帝知道什么。但这对我来说是一个谜 - 几十年来,我们所做的一切都是为了让崩溃减轻痛苦的是蓝屏(抱歉使用MS作为任何东西的原型)。
It's not only within human nature to protect against known dangers, it's also within any programmer's nature to automate and systemize common facilities, like error checking, memory diagnostics, logging frameworks, backup maintenance etc etc.
保护免受已知危险不仅在人性中,在任何程序员的本性中也可以自动化和系统化常见设施,如错误检查,内存诊断,日志框架,备份维护等。
Why didn't programmers/humans start to automate the task of ensuring that code they feed to the system won't harm the system?. Yes, ofcourse, performance. But hey, this was well before any seriously penetrating hardware standard. Why didn't motherboards get designed with bus architectures and extra processors to facilitate "managed code"?
为什么程序员/人类没有开始自动完成确保他们提供给系统的代码不会损害系统的任务?是的,当然,表现。但是,嘿,这是在任何严重渗透的硬件标准之前。为什么主板没有设计总线架构和额外的处理器来促进“托管代码”?
Is there any metaphor to Model T Fords not being fast enough that I'm missing?
有没有比喻模型T福特不够快,我错过了吗?
15 个解决方案
#1
Let's think this through from first principles.
让我们从第一原则开始思考。
A managed platform provides a relatively sandboxed area to run program code that is created from the high level language to a form more suitable to be executed by the platform (IL bytecodes) . In there are also utility features like garbage collection and module loading.
托管平台提供相对沙箱区域以运行程序代码,该程序代码从高级语言创建为更适合由平台执行的形式(IL字节码)。还有垃圾收集和模块加载等实用功能。
Now think about a native application - the OS provides a relatively sandboxed area (a process) to run program code that is created from a high level language to a form more suitable to be executed by the platform (x86 opcodes). In there are also utility features like virtual memory management and module loading.
现在考虑本机应用程序 - 操作系统提供了一个相对沙箱区域(一个进程)来运行程序代码,该程序代码从高级语言创建到更适合由平台执行的形式(x86操作码)。还有一些实用功能,如虚拟内存管理和模块加载。
There's not much difference, I think the reason we have managed platform in the first place is simply because it makes coding the platform easier. It should make the code portable between OSes, but MS didn't care for that. Security is part of the managed platform, but should be part of the OS - eg. your managed app can write files and similar, just like a normal process. Restricting that is a security feature, it isn't an aspect of a managed platform that doesn't exist on native.
没有太大区别,我认为我们首先管理平台的原因仅仅是因为它使编码平台变得更容易。它应该使代码在操作系统之间可移植,但MS并不关心它。安全性是托管平台的一部分,但应该是操作系统的一部分 - 例如。您的托管应用程序可以像正常流程一样编写文件和类似文件。限制这是一个安全功能,它不是本机上不存在的托管平台的一个方面。
Ultimately, they could have put all those managed features into a set of native dlls and scrapped the idea of the intermediary bytecode, JIT compiling to native code instead. "Managed" features like GC is easily possible on native heaps - see the Boehm C++ one for an example.
最终,他们可以将所有这些托管功能放入一组本机dll并废弃中间字节码的想法,JIT编译为本机代码。像GC这样的“托管”功能很容易在原生堆上实现 - 请参阅Boehm C ++示例。
I think MS did it partly because it made the compiler easier to write, and partly because that's how Java was made (and .NET is very much a descendant of Java, if only in spirit), though Java did it that way to make cross-platform coding possible, something MS doesn't care for.
我认为MS之所以这样做,部分是因为它使编译器更容易编写,部分是因为这就是Java的制作方式(而.NET是Java的后代,如果只是在精神上),尽管Java也是这样做的。 -platform编码可能,MS不关心。
So, why didn't we get managed code from the start - because all the things you mention as being part of 'managed' code, are native code. Managed platforms we have today are simply an additional abstraction on top of an already abstracted platform. High-level languages have had more features added to them to protect you from yourself, buffer overflows are a thing of the past, but there's no reason they couldn't have been implemented in C when C was first invented. Its just that they weren't. Perhaps hindsight makes it seem like these features were missing, but I'm sure in 10 years time, we'll be asking "why didn't C# implement the obviously useful feature XYZ like we have today"
那么,为什么我们不能从一开始就获得托管代码 - 因为你提到的所有东西都是“托管”代码的一部分,都是本机代码。我们今天拥有的托管平台只是在已经抽象的平台之上的额外抽象。高级语言已经添加了更多功能来保护您自己,缓冲区溢出已经成为过去,但是当C最初发明时,它们没有理由不能在C中实现。只是他们不是。也许事后看来似乎缺少这些功能,但我相信在10年的时间里,我们会问“为什么没有C#实现像我们今天这样明显有用的功能XYZ”
#2
Managed code built in security etc. has been around for a long time.
在安全性等方面构建的托管代码已经存在了很长时间。
There just wasn't room for it in the original PC platform and it never got added in later.
在最初的PC平台上没有它的空间,它从未在以后添加过。
The venerable IBM mainframe has has protected addressing, untouchable kernal libraries, role based security etc. etc. since the 70s. Plus all that Assembler code was managed by a sophisticated (for the time) change management system. (Univac, Burroughs etc had something similar.)
自70年代以来,古老的IBM大型机已经保护了寻址,不可触及的内核库,基于角色的安全性等。此外,所有Assembler代码都由一个复杂的(当时的)变更管理系统管理。 (Univac,Burroughs等有类似的东西。)
Unix had fairly decent security built in from the beginning (and it hasn't changed very much over the years).
Unix从一开始就内置了相当不错的安全性(多年来它并没有太大变化)。
So I think this is very much a windows/web space problem.
所以我认为这是一个很大的windows / web空间问题。
There has never been a mainframe virus! Most of the financial transactions in the world pass through these systems at some point so its not as if they werent an attractive target.
从未有过大型机病毒!世界上大多数金融交易在某些时候都会通过这些系统,因此它们并不像是一个有吸引力的目标。
The internal IBM mail system did host the first '*' though!
虽然内部IBM邮件系统确实托管了第一个“木马”!
#3
Actually, managed code has been around for a very long time. Consider:
实际上,托管代码已存在很长时间了。考虑:
- LISP
- Smalltalk
- BASIC (original flavour)
BASIC(原味)
All provided operating system-like environments which protected the use from memory and other resource control issues. And all were relative failures (BASIC only really succeeded when features like PEEK & POKE that allowed you to mess with the underlying system were introduced).
所有提供的类似操作系统的环境都保护了内存和其他资源控制问题的使用。所有这些都是相对的失败(BASIC只有在PEEK和POKE这样的功能允许你搞乱底层系统时才真正成功)。
#4
Computers weren't powerful enough and making them powerful enough was too expensive. When you've only got limited resources at your disposal, every byte and CPU cycle counts.
计算机不够强大,使它们足够强大太昂贵了。当您只有有限的资源可供使用时,每个字节和CPU周期都会计算在内。
The first computer I used was a Sinclair ZX Spectrum in 1982. It had less RAM (16K) than the size of a single Windows' font file today. And that was relatively recently, in the home computer age. Before the mid-1970s the idea of having a computer in your home was inconceivable.
我使用的第一台计算机是1982年的Sinclair ZX Spectrum。它的RAM(16K)比现在单个Windows'字体文件的大小少。这是最近的一次,在家庭计算机时代。在20世纪70年代中期之前,在家中安装电脑的想法是不可想象的。
#5
Just for the record, we never hand-compiled assembly. We hand-assembled assembly language code. Now that that's clear...
仅仅为了记录,我们从来没有手工编译组装。我们手工组装汇编语言代码。现在那很清楚......
Your analogy is clouding the question because the speed of the car is not analogous to the speed of the computer in this sense: The increasing speed of the car necessitated the changes in auto safety, but it's not the increased speed of the computer that drives the need for changes in computer security, it's the increase in connectivity. From a slightly different angle: For the car, increasing speed is the driving technology for increasing safety. For computers, increasing speed is the enabling technology for increasing safety.
你的比喻使问题蒙上阴影,因为在这种意义上,汽车的速度与计算机的速度并不相似:汽车速度的提高需要改变汽车的安全性,但并不是计算机的速度提高了。需要改变计算机安全性,这是连接性的增加。从略微不同的角度来看:对于汽车而言,提高速度是提高安全性的驱动技术。对于计算机而言,提高速度是提高安全性的有利技术。
So, the first cars were safe in accidents because they were slow. The first computers were safe because they weren't networked.
因此,第一辆车在事故中是安全的,因为它们很慢。第一台计算机是安全的,因为它们没有联网。
Now, cars are made safer through seat belts, air bags, ABS, anti-collision devices, and so forth. Computers are made safe through additional techniques, although you still can't beat unplugging the network cable.
现在,通过安全带,安全气囊,ABS,防撞装置等使汽车更加安全。虽然您仍然无法拔掉网络电缆,但计算机通过其他技术可以保证安全。
This is a simplification, but I think it gets at the heart of it. We didn't need that stuff back then, because computers weren't connected to the network.
这是一种简化,但我认为它是它的核心。那时我们不需要那些东西,因为计算机没有连接到网络。
#6
The same reason why There were no trains 300 years ago . The same reason why There were no cell phones 30 years ago. The same reason why we still don't have teleportation machine.
同样的原因300年前没有火车。 30年前没有手机的原因相同。我们仍然没有远距传送机的原因相同。
Technology evolves over time , it is called evolution.
技术随着时间的推移而发展,它被称为进化。
The computers wasn't powerful enough back then. running a garbage collector at the background would have kill you application performance.
当时计算机还不够强大。在后台运行垃圾收集器会杀死应用程序性能。
#7
Speaking to your question of why computers didn't have the protection mechanisms on the level of managed code, rather than why VMs couldn't run on slow hardware (already explained in other posts). The short answer is that it was. CPUs were designed to throw an exception when bad code happened so that it wouldn't damage the system. Windows handles this notoriously poorly, but there are other OSs out there. Unix passes it as signals so that the programs get terminated without bringing down the system. Really whether or not you are running managed code or not, a null pointer exception will result the same way - in program termination. Virtual memory ensures that programs don't mess with other code, so all they can do is hurt themselves.
谈谈为什么计算机没有托管代码级别的保护机制的问题,而不是为什么虚拟机无法在慢速硬件上运行(已经在其他帖子中解释过)。简短的回答是它。 CPU被设计为在发生错误代码时抛出异常,这样就不会损坏系统。 Windows处理这个问题非常糟糕,但还有其他操作系统。 Unix将其作为信号传递,以便程序在不关闭系统的情况下终止。实际上,无论您是否正在运行托管代码,空指针异常将以相同的方式产生 - 在程序终止时。虚拟内存可确保程序不会混淆其他代码,因此他们所能做的就是伤害自己。
Which brings me to my second point. All this is unnecessary if you know what you are doing. If I want to keep my furniture clean, I simply don't drop food on it. I don't need to cover my house in plastic, I just have to be careful. If you're a sloppy coder the best VM in the world isn't going to save you, it will just allow you to run your sloppy code without any noise. Also, porting code is easy if you use proper encapsulation. When you are a good coder, managed code doesn't help extensively. That is why not everyone is using it. It is simply a matter of preference, not better / worse.
这让我想到了第二点。如果你知道自己在做什么,这一切都是不必要的。如果我想保持家具清洁,我根本就不要把食物放在上面。我不需要用塑料盖住我的房子,我只需要小心。如果你是一个草率的编码器,世界上最好的虚拟机不会拯救你,它只会让你运行你的草率代码而没有任何噪音。此外,如果使用适当的封装,移植代码也很容易。如果您是一名优秀的程序员,托管代码并没有广泛的帮助。这就是为什么不是每个人都在使用它。这只是一个偏好问题,而不是更好/更糟。
As far as run-time security goes, there's nothing a P-code compiler can predict that a machine code can't, and nothing a managed code interpreter can handle that the OS can't (or doesn't) already. Motherboards with extra buses, CPUs and instruction sets cost a lot more money - IT is all about the cost/performance ratio.
就运行时安全性而言,没有任何P代码编译器可以预测机器代码不能,并且托管代码解释器无法处理操作系统不能(或不具有)的任何内容。带有额外总线,CPU和指令集的主板需要花费更多的钱 - IT就是成本/性能比。
#8
In 1970, the cost of memory was around $1/bit (without inflation). You cannot afford the luxury garbage collection with costs like that.
1970年,内存成本约为1美元/比特(没有通货膨胀)。你不能承担这样的费用的豪华垃圾收集。
#9
Why didn'we just build airplanes and spaceships at once, instead of mucking around with horse-and-carriage and all that tedious stuff?
为什么我们不是立刻建造飞机和宇宙飞船,而不是用马车和所有繁琐的东西捣乱?
#10
I think like most questions, "Why did we not have X in programming Y years ago" the answer is speed/resource allocation. With limited resources they needed to be managed as effectively as possible. The general purpose type of management associated with managed code would have been too resource consuming to have been of benefit in performance critical applications of the time. This is also part of why today's performance critical code is still written in C, Fortran or assembler.
我想像大多数问题一样,“为什么我们在Y年前没有编程X”答案是速度/资源分配。资源有限,需要尽可能有效地进行管理。与托管代码相关联的通用管理类型过于消耗资源而无法在当时的性能关键应用程序中获益。这也是为什么今天的性能关键代码仍然用C,Fortran或汇编语言编写的部分原因。
#11
The use of an intermediate language requires one of two things:
使用中间语言需要以下两种方法之一:
- Run-time interpretation, which will have a substantial performance penalty (widely variable--occasionally 2x or less, but sometimes 100x or more)
- A just-in-time compiler, which will require extra RAM, and which will add delay roughly proportional to program size, rather than number of statements executed
运行时解释,会有很大的性能损失(变化很大 - 有时是2倍或更少,但有时是100倍或更多)
一个即时编译器,它需要额外的RAM,并且会增加大致与程序大小成比例的延迟,而不是执行的语句数量
One thing that has changed over the years is that many programs run the most heavily-used portions of their mode many more times than they used to. Suppose the first time any particular statement is executed will incur a penalty 1,000 times as long as subsequent executions. What will be the effect of that penalty in a program where each statement is run an average of 100 times? What will be effect of that penalty on a program where each statement is run an average of 1,000,000 times?
多年来发生了变化的一件事是,许多程序运行模式中使用频率最高的部分比以前多了很多倍。假设第一次执行任何特定语句将导致罚款的次数是后续执行的1,000倍。在每个语句平均运行100次的程序中,该惩罚会产生什么影响?对于每个声明平均运行1,000,000次的程序,该惩罚会产生什么影响?
Just-in-time compiling has been possible for a long time, but in the 1980's or 1990's, the performance cost would have been unacceptable. As technologies have changed, the practical costs of JIT compilation have come down to the point that they're entirely practical.
即时编译已经有可能很长一段时间了,但在1980年代或1990年代,性能成本是不可接受的。随着技术的变化,JIT编译的实际成本已经降到了它们完全实用的程度。
#12
The answer becomes clearer - humans weren't built for writing programs. Machines should be doing it and letting us relax by playing pacman.
答案变得更加清晰 - 人类不是为编写程序而构建的。机器应该这样做,让我们玩pacman放松一下。
#13
For what it's worth, I read a couple of papers for my computing languages class (one by CAR Hoare and another by Nicholas Wirth) advocating exactly this back in the 60s and 70s among other things.
为了它的价值,我为我的计算语言课程(一个由Car Hoare和另一个由Nicholas Wirth)阅读了几篇论文,在60年代和70年代之间提倡这一点。
I can't speak to exactly why these things didn't happen, but my guess is that it's just one of those things that looks obvious in hindsight that wasn't obvious at the time. It's not that earlier compilers weren't concerned about security. It's that they had different ideas about how to do this.
我不能确切地说出为什么这些事情没有发生,但我的猜测是,这只是事后看来显而易见的事情之一,当时并不明显。并不是早期的编译器不关心安全性。他们对如何做到这一点有不同的想法。
Hoare mentions the idea of a "checkout compiler". As far as I can tell, this is essentially a compiler that does static analysis. To him, this was a popular technique that failed (or at least didn't solve as many problems as it was inteneded to solve). The solution to him was to make programming languages more secure by creating managed code (or at least that's how he would have put it in modern terms).
Hoare提到了“结账编译器”的想法。据我所知,这本质上是一个进行静态分析的编译器。对他来说,这是一种失败的流行技术(或者至少没有解决因为需要解决的问题)。他的解决方案是通过创建托管代码使编程语言更加安全(或者至少他会用现代术语来表达它)。
I'd imagine that once C (and later C++) caught on, the idea of managed code was essentially dead. It's not that C was a bad language, just that it was intended to be an assembly language rather than an application programming language.
我想,一旦C(以及后来的C ++)流行起来,托管代码的想法基本上已经死了。并不是说C语言是一种糟糕的语言,只是因为它是一种汇编语言而不是应用程序编程语言。
If you get a chance, you might read Hints on programming-language design. It's a pretty good read if you're interested in this kind of thing.
如果有机会,您可能会阅读有关编程语言设计的提示。如果你对这种事感兴趣,这是一个很好的阅读。
#14
Best answer to this question is, IMHO, nobody had an idea of managed code at that time. Knowledge actually evolves over time. As compared to fields like architecture or agriculture, computer science is a very young field. So the collective knowledge about the field is also young and will evolve over time. Perhaps in a few years we come across some new phenomenon and someone will be asking the same question, "why didn't somebody think of XYZ beofore?".
这个问题的最佳答案是,恕我直言,当时没有人知道托管代码。知识实际上随着时间而演变。与建筑或农业等领域相比,计算机科学是一个非常年轻的领域。因此,关于该领域的集体知识也很年轻,并将随着时间的推移而发展。也许在几年内我们遇到了一些新现象,有人会问同样的问题,“为什么没有人想到XYZ beofore?”。
#15
I'd say it's largely been change resistance coupled with false perception of inefficiency of garbage collection that's delayed the adoption of GC and related techniques. Of course the brain dead segmented memory model on Intel 8086 didn't exactly help promote sane memory management on the PC.
我说它主要是变化阻力加上对垃圾收集效率低下的错误认知,这推迟了GC和相关技术的采用。当然,英特尔8086上的脑死分段内存模型并没有完全有助于在PC上促进理智的内存管理。
#1
Let's think this through from first principles.
让我们从第一原则开始思考。
A managed platform provides a relatively sandboxed area to run program code that is created from the high level language to a form more suitable to be executed by the platform (IL bytecodes) . In there are also utility features like garbage collection and module loading.
托管平台提供相对沙箱区域以运行程序代码,该程序代码从高级语言创建为更适合由平台执行的形式(IL字节码)。还有垃圾收集和模块加载等实用功能。
Now think about a native application - the OS provides a relatively sandboxed area (a process) to run program code that is created from a high level language to a form more suitable to be executed by the platform (x86 opcodes). In there are also utility features like virtual memory management and module loading.
现在考虑本机应用程序 - 操作系统提供了一个相对沙箱区域(一个进程)来运行程序代码,该程序代码从高级语言创建到更适合由平台执行的形式(x86操作码)。还有一些实用功能,如虚拟内存管理和模块加载。
There's not much difference, I think the reason we have managed platform in the first place is simply because it makes coding the platform easier. It should make the code portable between OSes, but MS didn't care for that. Security is part of the managed platform, but should be part of the OS - eg. your managed app can write files and similar, just like a normal process. Restricting that is a security feature, it isn't an aspect of a managed platform that doesn't exist on native.
没有太大区别,我认为我们首先管理平台的原因仅仅是因为它使编码平台变得更容易。它应该使代码在操作系统之间可移植,但MS并不关心它。安全性是托管平台的一部分,但应该是操作系统的一部分 - 例如。您的托管应用程序可以像正常流程一样编写文件和类似文件。限制这是一个安全功能,它不是本机上不存在的托管平台的一个方面。
Ultimately, they could have put all those managed features into a set of native dlls and scrapped the idea of the intermediary bytecode, JIT compiling to native code instead. "Managed" features like GC is easily possible on native heaps - see the Boehm C++ one for an example.
最终,他们可以将所有这些托管功能放入一组本机dll并废弃中间字节码的想法,JIT编译为本机代码。像GC这样的“托管”功能很容易在原生堆上实现 - 请参阅Boehm C ++示例。
I think MS did it partly because it made the compiler easier to write, and partly because that's how Java was made (and .NET is very much a descendant of Java, if only in spirit), though Java did it that way to make cross-platform coding possible, something MS doesn't care for.
我认为MS之所以这样做,部分是因为它使编译器更容易编写,部分是因为这就是Java的制作方式(而.NET是Java的后代,如果只是在精神上),尽管Java也是这样做的。 -platform编码可能,MS不关心。
So, why didn't we get managed code from the start - because all the things you mention as being part of 'managed' code, are native code. Managed platforms we have today are simply an additional abstraction on top of an already abstracted platform. High-level languages have had more features added to them to protect you from yourself, buffer overflows are a thing of the past, but there's no reason they couldn't have been implemented in C when C was first invented. Its just that they weren't. Perhaps hindsight makes it seem like these features were missing, but I'm sure in 10 years time, we'll be asking "why didn't C# implement the obviously useful feature XYZ like we have today"
那么,为什么我们不能从一开始就获得托管代码 - 因为你提到的所有东西都是“托管”代码的一部分,都是本机代码。我们今天拥有的托管平台只是在已经抽象的平台之上的额外抽象。高级语言已经添加了更多功能来保护您自己,缓冲区溢出已经成为过去,但是当C最初发明时,它们没有理由不能在C中实现。只是他们不是。也许事后看来似乎缺少这些功能,但我相信在10年的时间里,我们会问“为什么没有C#实现像我们今天这样明显有用的功能XYZ”
#2
Managed code built in security etc. has been around for a long time.
在安全性等方面构建的托管代码已经存在了很长时间。
There just wasn't room for it in the original PC platform and it never got added in later.
在最初的PC平台上没有它的空间,它从未在以后添加过。
The venerable IBM mainframe has has protected addressing, untouchable kernal libraries, role based security etc. etc. since the 70s. Plus all that Assembler code was managed by a sophisticated (for the time) change management system. (Univac, Burroughs etc had something similar.)
自70年代以来,古老的IBM大型机已经保护了寻址,不可触及的内核库,基于角色的安全性等。此外,所有Assembler代码都由一个复杂的(当时的)变更管理系统管理。 (Univac,Burroughs等有类似的东西。)
Unix had fairly decent security built in from the beginning (and it hasn't changed very much over the years).
Unix从一开始就内置了相当不错的安全性(多年来它并没有太大变化)。
So I think this is very much a windows/web space problem.
所以我认为这是一个很大的windows / web空间问题。
There has never been a mainframe virus! Most of the financial transactions in the world pass through these systems at some point so its not as if they werent an attractive target.
从未有过大型机病毒!世界上大多数金融交易在某些时候都会通过这些系统,因此它们并不像是一个有吸引力的目标。
The internal IBM mail system did host the first '*' though!
虽然内部IBM邮件系统确实托管了第一个“木马”!
#3
Actually, managed code has been around for a very long time. Consider:
实际上,托管代码已存在很长时间了。考虑:
- LISP
- Smalltalk
- BASIC (original flavour)
BASIC(原味)
All provided operating system-like environments which protected the use from memory and other resource control issues. And all were relative failures (BASIC only really succeeded when features like PEEK & POKE that allowed you to mess with the underlying system were introduced).
所有提供的类似操作系统的环境都保护了内存和其他资源控制问题的使用。所有这些都是相对的失败(BASIC只有在PEEK和POKE这样的功能允许你搞乱底层系统时才真正成功)。
#4
Computers weren't powerful enough and making them powerful enough was too expensive. When you've only got limited resources at your disposal, every byte and CPU cycle counts.
计算机不够强大,使它们足够强大太昂贵了。当您只有有限的资源可供使用时,每个字节和CPU周期都会计算在内。
The first computer I used was a Sinclair ZX Spectrum in 1982. It had less RAM (16K) than the size of a single Windows' font file today. And that was relatively recently, in the home computer age. Before the mid-1970s the idea of having a computer in your home was inconceivable.
我使用的第一台计算机是1982年的Sinclair ZX Spectrum。它的RAM(16K)比现在单个Windows'字体文件的大小少。这是最近的一次,在家庭计算机时代。在20世纪70年代中期之前,在家中安装电脑的想法是不可想象的。
#5
Just for the record, we never hand-compiled assembly. We hand-assembled assembly language code. Now that that's clear...
仅仅为了记录,我们从来没有手工编译组装。我们手工组装汇编语言代码。现在那很清楚......
Your analogy is clouding the question because the speed of the car is not analogous to the speed of the computer in this sense: The increasing speed of the car necessitated the changes in auto safety, but it's not the increased speed of the computer that drives the need for changes in computer security, it's the increase in connectivity. From a slightly different angle: For the car, increasing speed is the driving technology for increasing safety. For computers, increasing speed is the enabling technology for increasing safety.
你的比喻使问题蒙上阴影,因为在这种意义上,汽车的速度与计算机的速度并不相似:汽车速度的提高需要改变汽车的安全性,但并不是计算机的速度提高了。需要改变计算机安全性,这是连接性的增加。从略微不同的角度来看:对于汽车而言,提高速度是提高安全性的驱动技术。对于计算机而言,提高速度是提高安全性的有利技术。
So, the first cars were safe in accidents because they were slow. The first computers were safe because they weren't networked.
因此,第一辆车在事故中是安全的,因为它们很慢。第一台计算机是安全的,因为它们没有联网。
Now, cars are made safer through seat belts, air bags, ABS, anti-collision devices, and so forth. Computers are made safe through additional techniques, although you still can't beat unplugging the network cable.
现在,通过安全带,安全气囊,ABS,防撞装置等使汽车更加安全。虽然您仍然无法拔掉网络电缆,但计算机通过其他技术可以保证安全。
This is a simplification, but I think it gets at the heart of it. We didn't need that stuff back then, because computers weren't connected to the network.
这是一种简化,但我认为它是它的核心。那时我们不需要那些东西,因为计算机没有连接到网络。
#6
The same reason why There were no trains 300 years ago . The same reason why There were no cell phones 30 years ago. The same reason why we still don't have teleportation machine.
同样的原因300年前没有火车。 30年前没有手机的原因相同。我们仍然没有远距传送机的原因相同。
Technology evolves over time , it is called evolution.
技术随着时间的推移而发展,它被称为进化。
The computers wasn't powerful enough back then. running a garbage collector at the background would have kill you application performance.
当时计算机还不够强大。在后台运行垃圾收集器会杀死应用程序性能。
#7
Speaking to your question of why computers didn't have the protection mechanisms on the level of managed code, rather than why VMs couldn't run on slow hardware (already explained in other posts). The short answer is that it was. CPUs were designed to throw an exception when bad code happened so that it wouldn't damage the system. Windows handles this notoriously poorly, but there are other OSs out there. Unix passes it as signals so that the programs get terminated without bringing down the system. Really whether or not you are running managed code or not, a null pointer exception will result the same way - in program termination. Virtual memory ensures that programs don't mess with other code, so all they can do is hurt themselves.
谈谈为什么计算机没有托管代码级别的保护机制的问题,而不是为什么虚拟机无法在慢速硬件上运行(已经在其他帖子中解释过)。简短的回答是它。 CPU被设计为在发生错误代码时抛出异常,这样就不会损坏系统。 Windows处理这个问题非常糟糕,但还有其他操作系统。 Unix将其作为信号传递,以便程序在不关闭系统的情况下终止。实际上,无论您是否正在运行托管代码,空指针异常将以相同的方式产生 - 在程序终止时。虚拟内存可确保程序不会混淆其他代码,因此他们所能做的就是伤害自己。
Which brings me to my second point. All this is unnecessary if you know what you are doing. If I want to keep my furniture clean, I simply don't drop food on it. I don't need to cover my house in plastic, I just have to be careful. If you're a sloppy coder the best VM in the world isn't going to save you, it will just allow you to run your sloppy code without any noise. Also, porting code is easy if you use proper encapsulation. When you are a good coder, managed code doesn't help extensively. That is why not everyone is using it. It is simply a matter of preference, not better / worse.
这让我想到了第二点。如果你知道自己在做什么,这一切都是不必要的。如果我想保持家具清洁,我根本就不要把食物放在上面。我不需要用塑料盖住我的房子,我只需要小心。如果你是一个草率的编码器,世界上最好的虚拟机不会拯救你,它只会让你运行你的草率代码而没有任何噪音。此外,如果使用适当的封装,移植代码也很容易。如果您是一名优秀的程序员,托管代码并没有广泛的帮助。这就是为什么不是每个人都在使用它。这只是一个偏好问题,而不是更好/更糟。
As far as run-time security goes, there's nothing a P-code compiler can predict that a machine code can't, and nothing a managed code interpreter can handle that the OS can't (or doesn't) already. Motherboards with extra buses, CPUs and instruction sets cost a lot more money - IT is all about the cost/performance ratio.
就运行时安全性而言,没有任何P代码编译器可以预测机器代码不能,并且托管代码解释器无法处理操作系统不能(或不具有)的任何内容。带有额外总线,CPU和指令集的主板需要花费更多的钱 - IT就是成本/性能比。
#8
In 1970, the cost of memory was around $1/bit (without inflation). You cannot afford the luxury garbage collection with costs like that.
1970年,内存成本约为1美元/比特(没有通货膨胀)。你不能承担这样的费用的豪华垃圾收集。
#9
Why didn'we just build airplanes and spaceships at once, instead of mucking around with horse-and-carriage and all that tedious stuff?
为什么我们不是立刻建造飞机和宇宙飞船,而不是用马车和所有繁琐的东西捣乱?
#10
I think like most questions, "Why did we not have X in programming Y years ago" the answer is speed/resource allocation. With limited resources they needed to be managed as effectively as possible. The general purpose type of management associated with managed code would have been too resource consuming to have been of benefit in performance critical applications of the time. This is also part of why today's performance critical code is still written in C, Fortran or assembler.
我想像大多数问题一样,“为什么我们在Y年前没有编程X”答案是速度/资源分配。资源有限,需要尽可能有效地进行管理。与托管代码相关联的通用管理类型过于消耗资源而无法在当时的性能关键应用程序中获益。这也是为什么今天的性能关键代码仍然用C,Fortran或汇编语言编写的部分原因。
#11
The use of an intermediate language requires one of two things:
使用中间语言需要以下两种方法之一:
- Run-time interpretation, which will have a substantial performance penalty (widely variable--occasionally 2x or less, but sometimes 100x or more)
- A just-in-time compiler, which will require extra RAM, and which will add delay roughly proportional to program size, rather than number of statements executed
运行时解释,会有很大的性能损失(变化很大 - 有时是2倍或更少,但有时是100倍或更多)
一个即时编译器,它需要额外的RAM,并且会增加大致与程序大小成比例的延迟,而不是执行的语句数量
One thing that has changed over the years is that many programs run the most heavily-used portions of their mode many more times than they used to. Suppose the first time any particular statement is executed will incur a penalty 1,000 times as long as subsequent executions. What will be the effect of that penalty in a program where each statement is run an average of 100 times? What will be effect of that penalty on a program where each statement is run an average of 1,000,000 times?
多年来发生了变化的一件事是,许多程序运行模式中使用频率最高的部分比以前多了很多倍。假设第一次执行任何特定语句将导致罚款的次数是后续执行的1,000倍。在每个语句平均运行100次的程序中,该惩罚会产生什么影响?对于每个声明平均运行1,000,000次的程序,该惩罚会产生什么影响?
Just-in-time compiling has been possible for a long time, but in the 1980's or 1990's, the performance cost would have been unacceptable. As technologies have changed, the practical costs of JIT compilation have come down to the point that they're entirely practical.
即时编译已经有可能很长一段时间了,但在1980年代或1990年代,性能成本是不可接受的。随着技术的变化,JIT编译的实际成本已经降到了它们完全实用的程度。
#12
The answer becomes clearer - humans weren't built for writing programs. Machines should be doing it and letting us relax by playing pacman.
答案变得更加清晰 - 人类不是为编写程序而构建的。机器应该这样做,让我们玩pacman放松一下。
#13
For what it's worth, I read a couple of papers for my computing languages class (one by CAR Hoare and another by Nicholas Wirth) advocating exactly this back in the 60s and 70s among other things.
为了它的价值,我为我的计算语言课程(一个由Car Hoare和另一个由Nicholas Wirth)阅读了几篇论文,在60年代和70年代之间提倡这一点。
I can't speak to exactly why these things didn't happen, but my guess is that it's just one of those things that looks obvious in hindsight that wasn't obvious at the time. It's not that earlier compilers weren't concerned about security. It's that they had different ideas about how to do this.
我不能确切地说出为什么这些事情没有发生,但我的猜测是,这只是事后看来显而易见的事情之一,当时并不明显。并不是早期的编译器不关心安全性。他们对如何做到这一点有不同的想法。
Hoare mentions the idea of a "checkout compiler". As far as I can tell, this is essentially a compiler that does static analysis. To him, this was a popular technique that failed (or at least didn't solve as many problems as it was inteneded to solve). The solution to him was to make programming languages more secure by creating managed code (or at least that's how he would have put it in modern terms).
Hoare提到了“结账编译器”的想法。据我所知,这本质上是一个进行静态分析的编译器。对他来说,这是一种失败的流行技术(或者至少没有解决因为需要解决的问题)。他的解决方案是通过创建托管代码使编程语言更加安全(或者至少他会用现代术语来表达它)。
I'd imagine that once C (and later C++) caught on, the idea of managed code was essentially dead. It's not that C was a bad language, just that it was intended to be an assembly language rather than an application programming language.
我想,一旦C(以及后来的C ++)流行起来,托管代码的想法基本上已经死了。并不是说C语言是一种糟糕的语言,只是因为它是一种汇编语言而不是应用程序编程语言。
If you get a chance, you might read Hints on programming-language design. It's a pretty good read if you're interested in this kind of thing.
如果有机会,您可能会阅读有关编程语言设计的提示。如果你对这种事感兴趣,这是一个很好的阅读。
#14
Best answer to this question is, IMHO, nobody had an idea of managed code at that time. Knowledge actually evolves over time. As compared to fields like architecture or agriculture, computer science is a very young field. So the collective knowledge about the field is also young and will evolve over time. Perhaps in a few years we come across some new phenomenon and someone will be asking the same question, "why didn't somebody think of XYZ beofore?".
这个问题的最佳答案是,恕我直言,当时没有人知道托管代码。知识实际上随着时间而演变。与建筑或农业等领域相比,计算机科学是一个非常年轻的领域。因此,关于该领域的集体知识也很年轻,并将随着时间的推移而发展。也许在几年内我们遇到了一些新现象,有人会问同样的问题,“为什么没有人想到XYZ beofore?”。
#15
I'd say it's largely been change resistance coupled with false perception of inefficiency of garbage collection that's delayed the adoption of GC and related techniques. Of course the brain dead segmented memory model on Intel 8086 didn't exactly help promote sane memory management on the PC.
我说它主要是变化阻力加上对垃圾收集效率低下的错误认知,这推迟了GC和相关技术的采用。当然,英特尔8086上的脑死分段内存模型并没有完全有助于在PC上促进理智的内存管理。