Through lwn.net, the top 25 dangerous software Errors can be found here. Makes for some nice or frightening reading depending upon your point of view. It is a bit weird that
is still there and at an astounding 3rd place. I was under the impression that the new C/C++ standards would have done and fixed that at the compiler level or something of that sort. Again, assuming the bulk of these errors were in C/C++.
Makes me think that the OpenBSD folks were in the right to fix things by changing the insecure libraries so that this kind of error cannot be triggered at all.
And oh, I do like this one too
even mentioning espionage implications and Stuxnet.
Go on, read the full list here.
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
is still there and at an astounding 3rd place. I was under the impression that the new C/C++ standards would have done and fixed that at the compiler level or something of that sort. Again, assuming the bulk of these errors were in C/C++.
Makes me think that the OpenBSD folks were in the right to fix things by changing the insecure libraries so that this kind of error cannot be triggered at all.
And oh, I do like this one too
Use of Hard-coded Credentials
even mentioning espionage implications and Stuxnet.
Go on, read the full list here.
No comments:
Post a Comment