Peter Amey wrote:
I'm not entirely sure I follow this. I _think_ you are saying:
"since we can't be sure that X is perfect (because it might have 5
remaining flaws) then there is no point in adopting it". You seem to
be saying that it doesn't matter if X is _demonstrably_much_better_
than Y, if i
At 1:02 PM -0700 7/1/04, Blue Boar wrote:
>ljknews wrote:
>> I think it will be properly considered when the most strict portion
>> of the software world is using language X. I have used many
>> programs where the flaws in the program make it clear that I care not
>> one whit about whether the au
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]
> Behalf Of Blue Boar
> Sent: 01 July 2004 21:03
> To: ljknews
> Cc: [EMAIL PROTECTED]
> Subject: Re: [SC-L] ACM Queue article and security education
>
>
> ljknews wrote
> -Original Message-
> From: Blue Boar [mailto:[EMAIL PROTECTED]
> Sent: 01 July 2004 17:11
> To: Peter Amey
> Cc: [EMAIL PROTECTED]
> Subject: Re: [SC-L] ACM Queue article and security education
>
>
> Peter Amey wrote:
> > There are language
ljknews wrote:
I think it will be properly considered when the most strict portion
of the software world is using language X. I have used many
programs where the flaws in the program make it clear that I care not
one whit about whether the authors of that program have opinion about
anything I mig
At 9:10 AM -0700 7/1/04, Blue Boar wrote:
>Language X may very well be a much better starting point, I don't know. I do believe
>that it will never be properly looked at until the whole world starts using it for
>everything, though.
I think it will be properly considered when the most strict p
ssage-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Blue Boar
Sent: Thursday, July 01, 2004 11:11 AM
To: Peter Amey
Cc: [EMAIL PROTECTED]
Subject: Re: [SC-L] ACM Queue article and security education
Peter Amey wrote:
> There are languages which are more suitable for the constru
Peter Amey wrote:
There are languages which are more suitable for the construction of
high-integrity systems and have been for years. We could have
adopted Modula-2 back in the 1980s, people could take the blinkers of
prejudice off and look properly at Ada. Yet we continue to use
C-derived langua
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]
> Behalf Of Michael S Hines
> Sent: 30 June 2004 17:00
> To: [EMAIL PROTECTED]
> Subject: RE: [SC-L] ACM Queue article and security education
>
>
> If the state of the art in au
I tend to wonder if I missed something along the way.
When I left the friendly confines of school back in '84 and entered the
wonderful world of "do or die" I was handed 2 sets of listings. One was only 8
inches high, the other was slightly over 15. Those were my 2 new systems and
they were writt
On Wednesday 30 June 2004 12:00, Michael S Hines allegedly wrote:
> And then a thought question - in message passing operating systems
> (those that respond to external stimuli, or internal message queues)
> - if one can inject messages into the processing queue, can't one in
> essence 'capture
If the state of the art in automobile design had progressed as fast as the
state of the art of secure programming - we'd all still be driving Model
T's.
Consider-
- System Development Methods have not solved the (security) problem -
though we've certainly gone through lots of them.
- Languag
Kenneth R. van Wyk wrote:
Overall, I like and agree with much of what Marcus said in the article.
I don't, however, believe that we can count on completely putting
security "below the radar" for developers. Having strong languages,
compilers, and run-time environments that actively look out fo
James Walden wrote:
I'd like to open a discussion based on this quote from Marcus Ranum's
ACM Queue article entitled "Security: The root of the problem":
Thanks. I also read Marcus's article with interest. Caveat: clearly, I
have a biased outlook, since software security training is one of the
Gee, Some of us have been saying that for 40 years.
At 8:10 PM -0400 6/29/04, James Walden wrote:
>While there are non-university classes and workshops that teach software security, I
>doubt that a majority of developers have attended even one such class. Software
>security has to be integrated into the CS curriculum before we can expect a major
16 matches
Mail list logo