>> This just emphasizes what we already knew about C, even the most >> careful, security conscious developer messes up memory management.
> However I think it is not really efficient at this stage to insist on secure > programming for submission implementations. For the simple reason that > there are 42 submissions, and 41 of those will be thrown away, more or less. > There isn't much point in making the 41 secure; better off to save the > energy until "the one" is found. Then concentrate the energy, no? Or stop using languages which encourage little oopsies like that. At the least, make it a standard practice to mock those who use C but don't use memory-safe libraries and diagnostic tools. Regards, SRF -- Neca eos omnes. Deus suos agnoscet. -- Arnaud-Amaury, 1209 --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com