lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20060622121512.95535.qmail@web38915.mail.mud.yahoo.com>
Date: Thu, 22 Jun 2006 13:15:12 +0100 (BST)
From: john mullee <jmullee@...oo.com>
To: Darren Reed <avalon@...igula.anu.edu.au>,
	bugtraq@...urityfocus.com
Subject: Re: PHP security (or the lack thereof)


--- Darren Reed <avalon@...igula.anu.edu.au> wrote:
> From my own mail archives, PHP appears to make up at least 4%
> of the email to bugtraq I see - or over 1000 issues since 1995,
> out of the 25,000 I have saved.
> 
> People complain about applications like sendmail...in the same
> period, it has been resopnsible for less than 200.
> 
> Do we have a new contender for worst security offender ever
> written ?

I guess most of the remaining offending apps were written in C: as much as 96% ?!!
(including basically all of microsoft's stuff!!)

Surely the least secure language of all time !!!

Note also that no vulnerable apps were written in:
 - cobol, rpg3, prolog, ada, scheme, lisp, pl/1, occam, modula-2, or MIX

We're planning to roll out our next enterprise ecommerce grid as a set of
modula-2 plugins to cobol-based container controlled by a dynamic gridded
application matrix written in prolog, all running on highly parallel
lisp machines.

;)

john


	
	
		
___________________________________________________________ 
All new Yahoo! Mail "The new Interface is stunning in its simplicity and ease of use." - PC Magazine 
http://uk.docs.yahoo.com/nowyoucan.html


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ