Blue Boar wrote:
I seriously doubt that there is a programming language that can do
anything useful that one can't do something stupid with.
Gödel's Incompleteness Theorem: no non-trivial logic system can be both
consistent (all proven theorems are true) and complete (all true
theorems are prova
Blue Boar wrote:
To clarify, I'm talking about things like passing unfiltered user input
to a system shell, or a native API, something like that.
True. In the case of passing a user input string to the shell or a database
server, you're accepting what's potential a program as input. However, if
Peter Amey wrote:
I would assert that using SPARK it is very /hard/ to something stupid
and /impossible/ to do something stupid that wouldn't be obvious to
the SPARK Examiner tool. In fact, the only way I can think of doing
so would be to construct a formal specification for stupidity and
then cor
At 2:37 PM +0100 6/29/04, Peter Amey wrote:
>> [mailto:[EMAIL PROTECTED]
>> Behalf Of Blue Boar
>> I seriously doubt that there is a programming language that can do
>> anything useful that one can't do something stupid with. Never bet
>> against the quality of idiots available in the world. :
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]
> Behalf Of Blue Boar
> Sent: 28 June 2004 21:35
> To: Kenneth R. van Wyk
> Cc: [EMAIL PROTECTED]
> Subject: Re: [SC-L] SPI, Ounce Labs Target Poorly Written Code
>
>
> Kenneth
Kenneth R. van Wyk wrote:
The article quotes SPI Dynamics' CTO
as saying, "It doesn't require developers to learn about security," which
strikes me as being a rather bold statement.
I seriously doubt that there is a programming language that can do
anything useful that one can't do something stu