At 11:01 AM -0700 6/11/03, Major Variola (ret) wrote:

At 03:39 PM 6/10/03 -0700, Bill Frantz wrote:

...

IMHO, the problem is that the C language is just too error prone to be used for most software. In "Thirty Years Later: Lessons from the Multics Security Evaluation", Paul A. Karger and Roger R. Schell <www.acsac.org/2002/papers/classic-multics.pdf> credit the use of PL/I for the lack of buffer overruns in Multics. However, in the Unix/Linux/PC/Mac world, a successor language has not yet appeared.

What about Java? Apart from implementation bugs, its secure by design.

Java is certainly an improvement for buffer overruns. (The last estimate I heard was that 1/3 of the penetrations were due to buffer overruns.) Java is still semi-intrepreted, so it is probably too slow for some applications. However Java is being used for server-side scripting with web servers, where the safety of the language is a definite advantage. Of course, when you cover one hole, people move on to others. Server-side Java is succeptable to SQL injection attacks for example. Cheers - Bill ------------------------------------------------------------------------- Bill Frantz | Due process for all | Periwinkle -- Consulting (408)356-8506 | used to be the | 16345 Englewood Ave. frantz@pwpconsult.com | American way. | Los Gatos, CA 95032, USA