Symantec CTO on Flash Attacks
scubacuda writes "Robert Clyde, CTO of Symantec, recently warned an audience at the United Nations that there's an increasing gap between the speed at which attacks are being launched and the industry's ability to respond. Most attacks on Web sites are classified as Class III threats because they tend to take several hours/days to execute. Recently, however, Class II "Warhol attacks"--such as the SQL Slammer worm that make themselves famous in 15 minutes--have emerged. Before long, Clyde predicts that groups of well-funded hackers working in concert will be able to launch Class I "Flash attacks." To combat this, Clyde says that patches would need to be developed more quickly and deployed continuously in an automated mode. Admins would need better ways of locking down networks so an attack on one router is automatically recognized by all routers on the network; throttling back the throughput of suspicious packets on the network in order to limit damage; automating tools for ensuring that all network clients are compliant with security policies; and creating Web services technologies that do not interfere with application performance."
The time has come for a serious discussion on whether or
not to continue using C for serious programming projects. As I will
explain, I feel that C needs to be retired, much the same way that
Fortran, Cobol and Perl have been. Furthermore, allow me to be so bold
as to suggest a superior replacement to this outdated language.
To give you a little background on this subject, I was recently asked
to develop a client/server project on a Unix platform for a Fortune
500 company. While I've never coded in C before I have coded in VB for
fifteen years, and in Java for over ten, I was stunned to see how
poorly C fared compared to these two, more low-level languages.
C's biggest difficulty, as we all know, is the fact that it is by far
one of the slowest languages in existance, especially when compared to
more modern languages such as Java and C#. Although the reasons for
this are varied, the main reasons seems to be the way C requires a
programmer to laboriously work with chunks of memory.
Requiring a programmer to manipulate blocks of memory is a tedious way
to program. This was satisfactory back in the early days of coding,
but then again, so were punchcards. By using what are called
"pointers" a C programmer is basically requiring the computer to do
three sets of work rather than one. The first time requires the
computer to duplicate whatever is stored in the memory space "pointed
to" by the pointer. The second time requires it to perform the needed
operation on this space. Finally the computer must delete the
duplicate set and set the values of the original accordingly.
Clearly this is a horrendous use of resources and the chief reason why
C is so slow. When one looks at a more modern (and a more serious)
programming language like Java, C# or - even better - Visual Basic
that lacks such archaic coding styles, one will also note a serious
speed increase over C.
So what does this mean for the programming community? I think clearly
that C needs to be abandonded. There are two candidates that would be
a suitable replacement for it. Those are Java and Visual Basic.
Having programmed in both for many years, I believe that VB has the
edge. Not only is it slightly faster than Java its also much easier to
code in. I found C to be confusing, frightening and intimidating with
its non-GUI-based coding style. Furthermore, I like to see the source
code of the projects I work with. Java's source seems to be under the
monopolistic thumb of Sun much the way that GCC is obscured from us by
the marketing people at the FSF. Microsoft's "shared source" under
which Visual Basic is released definately seems to be the most fair
and reasonable of all the licenses in existance, with none of the
harsh restrictions of the BSD license. It also lacks the GPLs
requirement that anything coded with its tools becomes property of the
FSF.
I hope to see a switch from C to VB very soon. I've already spoken
with various luminaries in the C coding world and most are eager to
begin to transition. Having just gotten off the phone with Mr. Alan
Cox, I can say that he is quite thrilled with the speed increases that
will occur when the Linux kernel is completely rewritten in Visual
Basic. Richard Stallman plans to support this, and hopes that the
great Swede himself, Linux Torvaldis, won't object to renaming Linux
to VB/Linux. Although not a C coder himself, I'm told that Slashdot's
very own Admiral Taco will support this on his web site. Finally,
Dennis Ritchie is excited about the switch!
Thank you for your time. Happy coding.
I'm not Seth.
< Symantec sux >
---------------
\ ^__^
\ (oo)\_______
(__)\ )\/\
||----w |
|| ||
The cow is brought to you by the Open Trolls Movement (tm)
CHECK THE PREVIEW OF THE UPCOMING OPEN TROLLS MOVEMENT (tm) WEBSITE AT http://opentrolls.free.fr !
Always the same old shit from those fat fucks.
Version 0.1
:
Copyright (c) 2003 Open Trolls Movement. All rights reserved.
Preambule
If you don't respect this license, the Open Trolls Movement (tm) will sue YOU to death!
Be warned! We take our intellectual property very seriously and we won't accept any infringement of our rights.
Redistribution and use of OTM trolls, with or without modification, are permitted provided that the following conditions are met
1. You are a certified member of the Open Trolls Movement (tm).
2. Redistributions of trolls must include at the end "-- Brought to you by the Open Trolls Movement (tm)".
3. Redistributions of trolls must include your OTM Certified Trollah ID.
4. You are encouraged to include a link to the Open Trolls Movement (tm) homepage (ie. http://opentrolls.int.ms/ ).
THIS TROLLS IS PROVIDED "AS IS" AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OPEN TROLLS MOVEMENT OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Copyright © 2003 by the Open Trolls Movement
The contents of this website are licensed under the Open Trolls License version 0.1.
well-funded hackers working in concert..
Launch from multiple points at once?
Yes, numbnuts.
- Homogeneous is bad.
- Heterogeneous is good.
Any schoolboy knows that.Haha! Microsoft sucks!
nt