lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <00fe01c33ff1$a09bf730$01010101@bitchin>
From: mfratto at nwc.com (Mike Fratto)
Subject: Microsoft Cries Wolf ( again )

 
> Along these lines, if the C programming language had a proper 
> string data type from day one, buffer overflows would be much 
> less common today.  

Not to get into a religious argument over this, but if programmers did
proper data scrubbing and bounds checking regardless of the language, there
wouldn't be much of a problem either. Granted, I am not uber programmer (I
have hacked together proggies of a couple of thousand lines for my own use
and I am sure there were lots of problems in them) but even being self
taught, I learned to do data scrubbing and bounds checking just for
reliability. I have to think it is taught in programming 101.



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ