Re: Is OpenSSH the new Microsoft?
On 17 Sep 2003, at 11:03pm, [EMAIL PROTECTED] wrote: I'd say that it was more unfortunate than bad. Writing useful, correct, and secure software isn't easy. True. If this was some subtle design flaw, I'd be a lot more understanding. But all three of these vulnerabilities were *buffer overflows*. For crying out loud! We're coming up on the 50 year mark for programmable, commercial, digital computers. In half a century, we still haven't figured out something as radical as *bounds checking*? Come on! Has anyone written Runtime environments without automatic bounds checking considered harmful yet? 'cause I'm starting to think it needs to be. Maybe we should just rewrite everything above the most basic levels in insert scripting language of your choice here, since's it's pretty obvious we can't trust programmers to actually write code that works worth a damn. -- Ben, who has had a very long and frustrating day dealing with all manner of crappy code from all manner of sources (And yes, I know there's no silver bullet. I'm not really serious. I think.) -- Ben Scott [EMAIL PROTECTED] | The opinions expressed in this message are those of the author and do | | not represent the views or policy of any other person or organization. | | All information is provided without warranty of any kind. | ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Is OpenSSH the new Microsoft?
Ben Scott commented: On 17 Sep 2003, at 11:03pm, [EMAIL PROTECTED] wrote: I'd say that it was more unfortunate than bad. Writing useful, correct, and secure software isn't easy. True. If this was some subtle design flaw, I'd be a lot more understanding. But all three of these vulnerabilities were *buffer overflows*. For crying out loud! We're coming up on the 50 year mark for programmable, commercial, digital computers. In half a century, we still haven't figured out something as radical as *bounds checking*? Come on! Has anyone written Runtime environments without automatic bounds checking considered harmful yet? 'cause I'm starting to think it needs to be. You're most of the way there, Ben. Take the last step. The fault lies with.. C. Runtime environments (and languages) which were incapable by design of pointer errors have existed and have been used for implementation of systems large and small for more than your half a century. My own first professional language was COBOL - which for all its faults was incapable of buffer overflows. This was (in my case) in 1963. There are very few ways to get buffer overflows. 1. Use assembly language. 2. Use C. What's depressing is that we keep doing the same thing over again (we'll still use C, but we'll be really careful this time, or we'll use Purify, or...) and expecting a different result. I've read that this is one definition of insanity. Writing correct, secure software isn't easy. Writing software which doesn't overrun buffers IS easy. -Bill Who used assembly language to build OSs for 15 years And who has overrun his share of buffers ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Is OpenSSH the new Microsoft?
[EMAIL PROTECTED] (Bill Sconce) writes: There are very few ways to get buffer overflows. 1. Use assembly language. 2. Use C. Obviously, in many circles, C is referred to as high-level assembly language... What's depressing is that we keep doing the same thing over again (we'll still use C, but we'll be really careful this time, or we'll use Purify, or...) and expecting a different result. I've read that this is one definition of insanity. If somebody were to wave a magic wand and magically add bounds checking to all C implementations, I'd still feel more comfortable if people were to attack these problems by adjusting their development and testing methodologies. Writing correct, secure software isn't easy. Writing software which doesn't overrun buffers IS easy. I wouldn't say that the latter case is easy either. Writing such code requires a lot of attention to detail. Regards, --kevin -- If you want to program in C, program in C. It's a nice language. I use it occasionally... :-) --Larry Wall in [EMAIL PROTECTED] ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Is OpenSSH the new Microsoft?
On Fri, 19 Sep 2003, at 9:50am, [EMAIL PROTECTED] wrote: You're most of the way there, Ben. Take the last step. The fault lies with.. C. I know it is possible to design a C environment (compiler and runtime) that supports bounds checking and other automatic error checking features. I believe the language spec is designed to make that possible. (I know the C++ spec is.) All such environments that I have heard of run dog slow, but I suspect that is because they were retro-fitted onto existing, traditional C environments rather then being built that way from the start. I'd argue that it would be a lot more practical to design a workable C environment which protects against this kind of thing then it would be to re-implement the world in another language. -- Ben Scott [EMAIL PROTECTED] | The opinions expressed in this message are those of the author and do | | not represent the views or policy of any other person or organization. | | All information is provided without warranty of any kind. | ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Is OpenSSH the new Microsoft?
http://www.openpkg.org/security/OpenPKG-SA-2003.040-openssh.html http://bugs.debian.org/211434 3rd one in two days... that's just bad. ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Is OpenSSH the new Microsoft?
Travis Roy [EMAIL PROTECTED] writes: 3rd one in two days... that's just bad. I'd say that it was more unfortunate than bad. Writing useful, correct, and secure software isn't easy. Regards, --kevin -- Kevin D. Clark / Cetacean Networks / Portsmouth, N.H. (USA) cetaceannetworks.com!kclark (GnuPG ID: B280F24E) alumni.unh.edu!kdc ___ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss