This post originated from an RSS feed registered with Agile Buzz
by James Robertson.
Original Post: secure code is hard, says MS
Feed Title: Cincom Smalltalk Blog - Smalltalk with Rants
Feed URL: http://www.cincomsmalltalk.com/rssBlog/rssBlogView.xml
Feed Description: James Robertson comments on Cincom Smalltalk, the Smalltalk development community, and IT trends and issues in general.
Chris Brumme talks about security and MS code. Most of the article is pretty good, and very honest - as with discipline in a classroom, it's hard to tighten up after a long period of laxness. Still, this bit tweaked me:
Unfortunately, this stuff is still way too difficult. It's a simple fact that only a small percentage of developers can write thread-safe free-threaded code. And they can only do it part of the time. The state of the art for writing 100% secure code requires that same sort of super-human attention to detail. And a hacker only needs to find a single exploitable vulnerability.
I do think that managed code can avoid many of the security pitfalls waiting in unmanaged code. Buffer overruns are far less likely. Our strong-name binding can guarantee that you call who you think you are calling. Verifiable type safety and automatic lifetime management eliminate a large number of vulnerabilities that can often be used to mount security attacks. Consideration of the entire managed stack makes simple luring attacks less likely. Automatic flow of stack evidence prevents simple asynchronous luring attacks from succeeding. And so on.
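To make the "buffer overruns are far less likely" point concrete, here is an added example in C (not code from the post or from Brumme's article). It puts a 16-byte logical buffer and a 4-byte canary inside one arena, then copies into it two ways: the classic unchecked C idiom, and a copy that checks the request against the real capacity the way a managed runtime does on every array access. Names, sizes and the canary value are constructed for the illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed example: a 16-byte logical buffer followed by a 4-byte canary,
 * all inside one array so the demo itself never steps outside allocated
 * memory even when the "unchecked" copy overruns the logical buffer. */
enum { BUF_CAP = 16 };
static const uint32_t CANARY = 0xDEADBEEFu;

struct region {
    char bytes[BUF_CAP + sizeof(uint32_t)];   /* [0,BUF_CAP) data, then canary */
};

void region_init(struct region *r)
{
    memset(r->bytes, 0, sizeof r->bytes);
    memcpy(r->bytes + BUF_CAP, &CANARY, sizeof CANARY);
}

/* 1 if the bytes after the logical buffer are still the canary, else 0. */
int canary_intact(const struct region *r)
{
    return memcmp(r->bytes + BUF_CAP, &CANARY, sizeof CANARY) == 0;
}

/* The classic unmanaged idiom: copy until NUL, trusting the caller about size.
 * Nothing relates the write to BUF_CAP, so a long source spills into whatever
 * sits after the buffer (here: the canary).  The only guard is against
 * leaving the arena, which keeps the demo well-defined C. */
int copy_unchecked(struct region *r, const char *src)
{
    if (strlen(src) + 1 > sizeof r->bytes)
        return -2;                       /* would leave even the arena */
    strcpy(r->bytes, src);               /* no check against BUF_CAP */
    return 0;
}

/* What a managed runtime does on every array access, done by hand: compare
 * the requested write against the real capacity and refuse (a managed
 * runtime throws) rather than write out of bounds.  On refusal the buffer is
 * left exactly as it was. */
int copy_checked(struct region *r, const char *src)
{
    size_t n = strlen(src);
    if (n >= BUF_CAP)                    /* need room for the NUL too */
        return -1;
    memcpy(r->bytes, src, n + 1);
    return 0;
}

int main(void)
{
    struct region r;
    region_init(&r);
    printf("checked, too long  : rc=%d canary=%s\n",
           copy_checked(&r, "this string is too long!"),
           canary_intact(&r) ? "intact" : "CLOBBERED");
    printf("unchecked, too long: rc=%d canary=%s\n",
           copy_unchecked(&r, "AAAAAAAAAAAAAAAAAA"),   /* 18 bytes + NUL */
           canary_intact(&r) ? "intact" : "CLOBBERED");
    return 0;
}
```

The checked copy refuses the oversized write and leaves the buffer and canary untouched; the unchecked copy returns success while silently overwriting the bytes after the buffer, which is exactly the class of defect that verifiable type safety removes from the attack surface.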
Yes, threaded code is hard. But it would have been a lot easier had MS gotten a clue years ago and stopped using C and C++. We are going to be suffering from vulnerabilities for years because of that.