>> This just emphasizes what we already knew about C, even the most
>> careful, security conscious developer messes up memory management.

> However I think it is not really efficient at this stage to insist on secure
> programming for submission implementations.  For the simple reason that
> there are 42 submissions, and 41 of those will be thrown away, more or less.
>  There isn't much point in making the 41 secure; better off to save the
> energy until "the one" is found.  Then concentrate the energy, no?

Or stop using languages which encourage little oopsies like that. At
the least, make it a standard practice to mock those who use C but
don't use memory-safe libraries and diagnostic tools.


Neca eos omnes. Deus suos agnoscet. -- Arnaud-Amaury, 1209

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com

Reply via email to