Internet Security:

Network Developer: The Clan of C

By Dr. Seamus Phan

According to Dr Alan Kay, who earned a doctorate with distinction from his invention of the first graphical object-oriented computer in 1969, "The best way to predict the future is to invent it."

Dr Kay is credited in whole or in part with the evolution of the laptop and personal computer, the GUI, internetworking (from his early work at ARPAnet), client-server computing, and of course, object-oriented programming (OOP). He was one of the inventors of SmallTalk (, the first object-oriented programming language, which is still one of the easiest languages to learn, especially for kids.

SmallTalk heralded the arrival of other object-oriented languages. The first real object-oriented C was C++. Java, Sun Microsystems¹ pride and joy, was derived from C++, an object-oriented version of the C language. C++ itself lends much of its object orientation from the Simula 67 language. Microsoft's C# is similar to Java and has elements of Delphi.

A lesser-known language, practically dead even though it remains one of the most elegant languages of the C variant, is Objective C (

C, or C++, remain the pillars of mainstream programming even if they cause many sleepless nights for programmers, as well as people who attempt to debug or reuse the code later. If you are not overly concerned about which language you need‹as long as you can develop code and programs for your enterprise, graduate project or even for entertainment‹then any one of these languages will be usable.

The Renegade C

Objective C, the object-oriented programming language used in Mac OS X and its precursor NeXT, is an extension to the C language. It was originally written by Brad Cox and the StepStone Corporation in the 1980s, and later made it into the GNU gcc (GNU C compiler) in 1992. Objective C makes additions to C (rather than deviating more like Microsoft¹s C#) and the additions are based on SmallTalk.

The primary difference between C++ and Objective C stems from their object orientation roots. C++ tends to gravitate towards safer execution where more errors are detected at compilation time, while Objective C is more flexible by allowing some programs (which would have been rejected by the likes of Simula 67, the conceptual origination of C++) to execute. Objective C also offers flexibility in the form of dynamic typing, dynamic binding and dynamic loading.

Unlike competing or similar languages, Objective C delays the typing of language objects until a program is executed at runtime. Dynamic binding is made possible with the method name, type and argument information, and class variable instance information. During runtime, methods and classes may be added or deleted, where the objects are then bound together using the dynamic typing information. It is possible for programmers to incrementally adapt and enhance the program functionality, while the prototype can be generated for preview. Program segments are not loaded into memory until they are requested for and need to be used, thereby freeing system resources.

For its dynamic binding properties, Objective C presents a rather English-like syntax. For example: [myColor setRed:0.0 green:0.5 blue:1.0];

Objective C is about 1.5 to 2 times faster than standard C in performing dynamically bound messages.

Saying Hello Differently

Objective C is truly simple in relation to many other competing languages. Its "Hello World" routine is perhaps the best demonstration: printf(³Hello world!\n²); // This is an objective C comment return self; /* This is another comment } @end

You issue a print to screen command with the "Hello World" phrase and then return a new line "\n", which is quite similar even to PHP/ZEND. The "@end" is the call to end an implementation. What I like about the syntax of Objective C is that if you are familiar with server scripting languages such as Perl and PHP, you will have a very short learning curve. Also, it allows the use of "//" comments, as well as "/*" comments for other C programmers, and hence is quite tolerant.

Compare that to C++¹s "Hello World" routine below, and you can see that Objective C is much simpler in syntax and more English-like, due in part to its SmallTalk affiliation. C++ is almost alien and must be acquired through long study, since its syntax is non-English like.

#include // This line is a preprocessor directive for input/output operations
int main() { // This is a necessary call as every C++ program needs a main function
cout << "Hello, World!" << endl; // where cout generates the output;
// and endl adds a carriage return, similar to /n in Objective C
return 0; // We must return int to zero to reinitialise it.

Objective C is not popular except to those familiar with GNU C Compiler (GCC), which is available on Linux and BSD variants. However, you should consider Objective C if you are fed up with the likes of traditional C coding, and find C++ a tad difficult to handle.

Optimizing C++ Code

C++ can be used for a range of devices, from Web servers to embedded appliances such as handsets and PDAs. Given the limited computational power of embedded devices and the need for Web servers to serve thousands of real-time clients, the more sloppy writing of C++ code must be optimized.

For example, rather than use char and short, you should use int. C++ performs arithmetic operations and parameter passing at the integer level, rather than requiring the compiler to first convert values (char) to integer, then perform the operations, and then convert back to char values again. This is an example of using int instead of char:

int sum_int(int a, int b)
int c;
c = a + b;
return c;

For complex numbers, use initialization rather than assignment so that you can save lines of code. For example, if you use assignment, a routine may look like:

void foo()
Complex c;
c = (Complex)5;

But if you use initialization directly into a value:

void foo_optimised()
Complex c = 5;

Another quick and dirty way to optimize code is to reduce the use of exception calls. Exceptions deal with unexpected errors, a necessary evil in light of larger software these days. However, using exceptions can increase program size by up to 10% and programs run up to 10% slower.

For programmers who are confident of their code, and with more than sufficient testing, they can do away with exception calls. This is especially true if you do not rely on the use of core libraries, since many core libraries contain exception handling. You can avoid exceptions by not using "try", "throw" or "catch" in your own code or in core library code. Use the operator "new" with the "no_throw" specification and turn off exception handling in the compiler itself. This will speed up program execution.

When optimizing C++ or any other language code, it is important to know that you should not optimize it to the hardware platform. True optimization should be at the code level, targeted at the best use of code resources, without inference to any particular hardware platform. This is to ensure that your software can be used on any target platform compatible with your language, rather than relying on hardware-specific optimization which may fall apart on another platform (even if somewhat similar to yours), or face compatibility issues.

Dr Alan Kay fervently believes that the computing experience should embrace human potential and behavior, rather than forcing humans to adapt to the nuances and idiosyncrasies of computers.

Thus we, the programmers who create applications for users, must take the first bold step to ensure that whatever we create has the users' experience in mind. Otherwise, what good would a computer be other than an elitist tool?

Dr. Seamus Phan is a world-renowned authority on the technical security aspects of the Internet. Dr. Phan serves the BWW Society as Founder and Chairman of the Internet Security Committee, which is designed and conceived to gather and share information on the latest computer and Internet threats, to provide immediate information on technology’s newest developments in the prevention of Internet-related security problems, and to increase and enhance all forms of Internet Security.

[ back to "Publications & Special Reports" ]
[ BWW Society Home Page ]