Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Vista
Too Cool For Secure Code
Jon Lasser, 2003-03-26

Until Unix and Linux programmers get over their macho love for low-level programming languages, the security holes will continue to flow freely.

Comments Mode:
Too Cool For Secure Code 2003-03-26
Anonymous (3 replies)
Too Cool For Secure Code 2003-03-27
Anonymous
Too Cool For Secure Code 2003-03-28
DrNerdware
Too Cool For Secure Code 2003-03-28
Anonymous
Too Cool For Secure Code 2003-03-26
Anonymous (4 replies)
Too Cool For Secure Code 2003-03-27
Anonymous (1 replies)
Don't Forget Ada! 2003-04-02
StealthBadger
Solving the problem 2003-03-27
Peter Ross
Too Cool For Secure Code 2003-03-27
Anonymous
Too Cool For Secure Code 2003-03-27
Anonymous (1 replies)
Too Cool For Secure Code 2003-04-07
jhon blacken
That's the wrong attitude. 2003-03-26
Anonymous (26 replies)
That's the wrong attitude. 2003-03-27
Anonymous
Secure languages? 2003-03-27
Anonymous
That's the wrong attitude. 2003-03-27
Anonymous
That's the wrong attitude. 2003-03-27
dbtid (1 replies)
That's the wrong attitude. - haha, time to upgrade 2003-03-30
Anonymous (1 replies)
That's the wrong attitude. - haha, time to upgrade 2003-04-01
Penguinisto
That's the wrong attitude. 2003-03-27
Anonymous
ok but... 2003-03-27
SeJo
Re: That's the wrong attitude. 2003-03-27
George Barbarosie
That's the wrong attitude. 2003-03-27
Listener
Tools matter 2003-03-27
Jon
You are an idiot (or a troll). 2003-03-27
Anonymous
That's the wrong attitude. 2003-03-27
Anonymous
Re: That's the wrong attitude. 2003-03-27
CondorDes
That's the wrong attitude. 2003-03-27
Anonymous
That's the wrong attitude. 2003-03-27
Ron
Re:That's the wrong attitude. 2003-03-27
Anonymous
That's the wrong attitude. 2003-03-28
Anonymous
That's the wrong attitude. 2003-03-28
DrNerdware
That's the wrong attitude. 2003-03-28
Anonymous
Obsolete thinking. 2003-03-28
Anonymous
That's the wrong attitude. 2003-03-28
Anonymous
That's the wrong attitude. 2003-03-28
Anonymous
That's the wrong attitude. 2003-03-28
Anonymous
That's the wrong attitude. 2003-03-28
Anonymous
Type safety is good 2003-03-28
Anonymous
Real issue: don't make the same mistakes. 2003-03-29
Anonymous
The problem isn't a poor choice of tools or programmer egotism. The problem is laziness.

When a diligent rogrammer finds a bug, he scans the full source looking for additional instances of the same defect. He then thinks of one common way to fix all instances and to prevent them in the future.

But most programmers are lazy, and most commercial software makers have a policy of spending absolute minimum time and effort on any issue. If they find a bug, they just fix that one specific bug and forget about it. So the same bug is just as likely to show up multiple times in the future.



[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/150/19041#19041
I totally agree 2003-04-08
Anonymous
Nonsense 2003-03-26
Anonymous
Too Cool For Secure Code 2003-03-26
Anonymous
Too Cool For Secure Code 2003-03-26
Anonymous
Too Cool For Secure Code 2003-03-26
Anonymous
Too Cool For Secure Code 2003-03-26
Anonymous (1 replies)
Too Cool For Secure Code 2003-03-31
SK
Too Cool For Secure Code 2003-03-26
Anonymous
Too Cool For Secure Code 2003-03-26
Anonymous
Too Cool For Secure Code 2003-03-26
mk
Slow news day? 2003-03-27
TJ Miller jr
Too Cool For Secure Code 2003-03-27
Marion De Liau (1 replies)
Too Cool For Secure Code 2003-03-31
Anonymous
Strong Typing, etc. 2003-03-27
RC
Too Cool For Secure Code 2003-03-27
Anonymous
Too Cool For Secure Code 2003-03-27
Anonymous
Right idea, wrong solution 2003-03-27
Anonymous
Too Cool For Secure Code 2003-03-27
Fra. 219
This is hogwash... I guess we should all use VB? That's High Level and we know how "bug" free that is. 2003-03-27
Anonymous
Too Cool For Secure Code 2003-03-27
Anonymous
so pilots can't really fly? 2003-03-27
Anonymous
Too Cool For Secure Code 2003-03-27
Anonymous
Work at a C shop guys? 2003-03-27
Anonymous
Oh Boy 2003-03-27
Anonymous
Too Cool For Secure Code 2003-03-27
Anonymous
Too Cool For Secure Code 2003-03-27
Anonymous
Too Cool For Secure Code 2003-03-27
Anonymous
Too Cool For Secure Code 2003-03-27
Anonymous
Too Cool For Secure Code 2003-03-27
Shawn
This is exactly right. 2003-03-27
Anonymous
Johnathan Lasser Isn't a a Programmer 2003-03-27
Someone Who Actually Writes Code (1 replies)
Johnathan Lasser Isn't a a Programmer 2003-04-02
Anonymous
Too Cool For Secure Code 2003-03-27
Das Megabyte (1 replies)
Too Cool For Secure Code 2003-04-08
ibanix
Too Cool For Secure Code 2003-03-27
Anonymous
Too Cool For Secure Code 2003-03-27
Tirs
Too Cool For Secure Code 2003-03-27
Dave
Too Cool For Secure Code 2003-03-27
Ivan Vecerina
Too Cool For Secure Code 2003-03-27
Anonymous
Crap 2003-03-27
terber
christ, what a whinger 2003-03-27
mark hahn (hahn@mcmaster.ca)
Too Cool For Secure Code 2003-03-27
Anonymous
Syte and Methodology not the Tool 2003-03-27
Anonymous
Too Cool For Secure Code 2003-03-27
Anonymous
Too Cool For Secure Code 2003-03-27
Anonymous
Too Cool For Secure Code 2003-03-27
Anonymous
I Dont Think So 2003-03-27
Randy LeJeune
Too Cool For Secure Code 2003-03-27
X-Nc
Too Cool For Secure Code 2003-03-27
Kirk Rafferty (kirk_at_rafferty.org)
Too Cool For Secure Code 2003-03-27
Anonymous
Too Cool For Secure Code 2003-03-27
Anonymous
Things should change 2003-03-27
Matthew B
Too Cool For Secure Code 2003-03-27
Anonymous
Too Cool For Secure Code 2003-03-27
Anonymous
Too Cool For Secure Code 2003-03-27
Anonymous
I agree entirely 2003-03-27
Iain Collins (iain_collins@mac.com)
Too Cool For Secure Code 2003-03-27
Anonymous
Thats the _right_ attitude 2003-03-27
Anonymous
Too Cool For Secure Code 2003-03-27
Anonymous
Too Cool For Secure Code 2003-03-27
Anonymous
Sticks-and-Stones programming tools 2003-03-27
Anonymous
Too Cool For Secure Code 2003-03-27
Anonymous
Higher level languages also insecure 2003-03-27
Anonymous
Too Cool For Secure Code 2003-03-27
Anonymous
Bad code is a result of a poor development process 2003-03-27
c0d3cr33p@hotmail.com
Too Cool For Secure Code 2003-03-27
Synonymous
Too Cool For Secure Code 2003-03-27
Anonymous
Too Cool For Secure Code 2003-03-27
Anonymous
Too Cool For Secure Code 2003-03-27
Anonymous
simply sloppy programming 2003-03-27
rishab
Its not macho love its SKILLS! 2003-03-27
Anonymous
Silly 2003-03-27
Anonymous
Boo. 2003-03-27
Anonymous
(sigh) 2003-03-27
grey
Too Cool For Secure Code 2003-03-27
Anonymous
Too Cool For Secure Code 2003-03-27
Anonymous
Too Cool For Secure Code 2003-03-27
Anonymous
Too Cool For Secure Code 2003-03-27
Anonymous
I agree 2003-03-27
Anonymous
Too Cool For Secure Code 2003-03-27
Anonymous
Too Cool For Secure Code 2003-03-27
Anonymous
It's Too Cool To Criticize Programmers 2003-03-27
PipTigger
Too Cool For Secure Code 2003-03-27
Anonymous
Too Cool For Secure Code 2003-03-27
Anonymous
Java as a solution 2003-03-27
Anonymous
Many scripting languages don't scale 2003-03-27
PyMan
Too Cool For Secure Code 2003-03-27
Anonymous
MS security much worse. 2003-03-27
Ron
Too Cool For Secure Code 2003-03-27
Anonymous
Too Cool For Secure Code 2003-03-27
Anonymous
Too Cool For Secure Code 2003-03-27
Anonymous
No.. No.. No.. 2003-03-27
Anonymous
Too Cool For Secure Code 2003-03-27
Anonymous
Too cool for secure code 2003-03-27
Ben
Too Cool For Secure Code 2003-03-27
Anonymous
Too Cool For Secure Code 2003-03-27
Anonymous
Too Cool For Secure Code 2003-03-27
Anonymous
Too Cool For Secure Code 2003-03-27
Anonymous
Too Cool For Secure Code 2003-03-27
Anonymous
Too Cool For Secure Code 2003-03-27
Anonymous
Too Cool For Secure Code 2003-03-27
Anonymous
Partially true 2003-03-27
Anonymous
Too Cool For Secure Code 2003-03-28
Anonymous
Too Cool For Secure Code 2003-03-28
Anonymous
Too Cool For Secure Code 2003-03-28
Anonymous
Couldn't agree more 2003-03-28
Anonymous
Software responsibilities 2003-03-28
Anonymous
Blame the coder, not the language 2003-03-28
Anonymous
Alternatives? 2003-03-28
Anonymous
Too Cool For Tested Code? 2003-03-28
Werm
Too Cool For Secure Code 2003-03-28
Lee Reynolds
Stupidest piece I have ever read. 2003-03-28
Anonymous
Too Cool? No, not really. 2003-03-28
clee
Stop wasting electrons and our time 2003-03-28
Anonymous
Too Cool For Secure Code 2003-03-28
Anonymous
Too Cool For Secure Code 2003-03-28
Anonymous
Too Cool For Secure Code - Wise Words 2003-03-28
DrNerdware
Too Cool For Secure Code 2003-03-28
Angelos Karageorgiou
Too Cool For Secure Code 2003-03-28
Philips
Too Cool For Secure Code 2003-03-28
Anonymous
Way Kewl For Secure Code 2003-03-28
fnaaijkens@ultihouse.com
Too Cool For Secure Code 2003-03-28
Anonymous
For what it's worth, RPC wasn't 2003-03-28
Anonymous
Too Cool For Secure Code? My two cents 2003-03-28
Anonymous
Too Cool For Secure Code 2003-03-28
vijeno <vijen0@yahoo.com>
Too Cool For Secure Code 2003-03-28
Anonymous
Too Cool For Secure Code 2003-03-28
Anonymous
Too Cool For Secure Code 2003-03-28
Anonymous
Too Cool For Secure Code 2003-03-28
Anonymous
User clients are rarely security risks 2003-03-28
Anonymous
Too Cool For Secure Code 2003-03-28
Anonymous
Too Cool For Secure Code 2003-03-28
Anonymous
Re: Too Cool For Secure Code 2003-03-28
Anonymous
Too Cool For Secure Code 2003-03-29
Anonymous
That was a joke ? 2003-03-29
Anonymous
Too Cool For Secure Code 2003-03-29
blacklight
I Agree 2003-03-29
LesPaul
Too Cool For Secure Code 2003-03-29
Not Really Anonymous
Too Cool For Secure Code - USE VB! 2003-03-30
Anonymous (1 replies)
Too Cool For Secure Code - USE VB! 2003-04-01
Anonymous
goto india; 2003-03-30
mummer the bard
Portability, efficentcy, hot air 2003-03-31
jthomas@poweronemedia.com
Too Cool For Secure Code 2003-03-31
G. Bailey Childs
Why say it's just Linux/unix? 2003-04-01
Ally
Too Cool For Secure Code 2003-04-01
Anonymous (1 replies)
Too Cool For Secure Code - uh, yeah no shit 2003-04-01
Anonymous
Too Cool For Secure Code -- Only Unix and Linux? 2003-04-02
winklessd@netscape.com
This is so funny - linux on linux battle 2003-04-02
Anonymous (1 replies)
This is so funny - linux on linux battle 2003-04-03
Anonymous (1 replies)
This is so funny - linux on linux battle 2003-04-03
Anonymous
The article reflets the writers inexperience 2003-04-08
Anonymous







 

Privacy Statement
Copyright 2008, SecurityFocus