On 17 Sep 2003, at 11:03pm, [EMAIL PROTECTED] wrote: > I'd say that it was more "unfortunate" than "bad". Writing useful, > correct, and secure software isn't easy.
True. If this was some subtle design flaw, I'd be a lot more understanding. But all three of these vulnerabilities were *buffer overflows*. For crying out loud! We're coming up on the 50 year mark for programmable, commercial, digital computers. In half a century, we still haven't figured out something as radical as *bounds checking*? Come on! Has anyone written "Runtime environments without automatic bounds checking considered harmful" yet? 'cause I'm starting to think it needs to be. Maybe we should just rewrite everything above the most basic levels in <insert scripting language of your choice here>, since's it's pretty obvious we can't trust programmers to actually write code that works worth a damn. -- Ben, who has had a very long and frustrating day dealing with all manner of crappy code from all manner of sources (And yes, I know there's no silver bullet. I'm not really serious. I think.) -- Ben Scott <[EMAIL PROTECTED]> | The opinions expressed in this message are those of the author and do | | not represent the views or policy of any other person or organization. | | All information is provided without warranty of any kind. | _______________________________________________ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss