Re: If It Ain't Broke, Don't Fix It, Or Why I've Chosen to Lern VB6
Orko, what is your background experience with computer security? I'm not intending for that question to sound rude, but I'm starting to think some of your "exploit" and "vulnerabilities" concerns are rooted more in fiction than in how they actually work. For example, I've spoken to many real people who believe a hacker can cause their home's lights to go on and off, refrigerator door to open and close, and steer their car, because they've seen such things in television shows and have no idea how things work in real life. Your concerns are not to that same extreme, but you're leaning pretty far off from the real life risks of software exploits and vulnerabilities.
The closest situation that really can cause problems is when your software is hosting something online and will interact with other people who may wish to cause harm. Even when this is the case, the harm they can cause is almost always to the database your program is reading and writing information to. If you wrote a web server I may be able to use some problem with how you coded it, or some known problem with the language, to trick your program into doing something you did not intend for it to do. Those tricks will almost always be me getting your program to delete entries from its own database, tell me information from that database I do not normally have access to, or to write in information I want added.
People like to look at adobe flash as an example of how someone can use a software exploit to run malicious software on your computer, which is true. In the web server example someone may be able to trick the program into reading, writing, and deleting from its database because those are the functions your web server already does. Flash is designed to be able to download files, run those files, and even run scripted commands based on information it receives online. It's not a flaw in the language Flash was written in, it's a flaw in it's overall design. Because it is actually designed to do those pretty important and far-reaching tasks based on information it can receive online, if you can fool it into listening to your instructions then you can get it to do any combination of those things you wish.
So the language is almost never the problem, the problem is the programmer. Exploits and vulnerabilities almost always just find a way to trick the program into doing what you asked rather than what it was supposed to do, but its abilities are literally limited to what you designed it to be able to do. Even when the TV show hacker is the most skilled hacker on the planet, he can't make your refrigerator door open and close if the fridge isn't designed to open and close the door automatically through digital commands.
_______________________________________________ Audiogames-reflector mailing list Audiogames-reflector@sabahattin-gucukoglu.com https://sabahattin-gucukoglu.com/cgi-bin/mailman/listinfo/audiogames-reflector
