At 1:10 PM -0400 6/8/04, Jose Nazario wrote:
>thought some of you may find this editorial from the May 04 ACM Queue
>worth a read. ACM Queue is an interesting magazine and has a website at
>Buffer Overrun Madness
>ACM Queue vol. 2, no. 3 - May 2004
>by Rodney Bates, Wichita State University
>Why do good programmers follow bad practices?
>In January 2003, the Slammer worm was reported to be the fastest spreading
>ever. Slammer gets access by exploiting a buffer overrun. If you peruse
>CERT (Computer Emergency Readiness Team) advisories or security upgrade
>releases, you will see that the majority of computer security holes are
>buffer overruns. These would be minor irritations but for the world's
>addiction to the weakly typed programming languages C and its derivative

And yet this mailing list, supposedly devoted to secure coding,
seem polarized around the notion of shoring up those languages.

Reply via email to