Blame Bad Security on Sloppy Programming
CowboyRobot writes "ACM Queue has an article that blames security flaws on poor programming, rather than any inherent problems with particular languages.
From the article: 'Remember Ada? ... we tried getting everyone to switch to a 'sandboxed' environment with Java in the late 1990s... Java worked so well, Microsoft responded with ActiveX, which bypasses security entirely by making it easy to blame the user for authorizing bad code to execute.'"
It is time to create an official Engineering Certification for software designers/developers; the certified engineer will have to be financially responsible (insurance etc.) for their creations.
I would like to see that happen, anyone else?
You can't handle the truth.
When will we see "ACM Queue has an article that blames security flaws on HR departments and middle management?"
I think the writer meant ActiveX was Microsoft's response to Java *Applets*.
Java Applets had a well-defined and flexible security API that provided a fine-grained set of privileges for what an Applet could do on the user's system.
To combat Applets, Microsoft implemented ActiveX with a brain-dead all-or-nothing approach that is still used today ("Do you want to trust whoever wrote this to do anything they want to your system? Yes / No"). Then Microsoft forced Java Applets to work the same brain-dead all-or-nothing way in IE.
SLL
The weakness of Ada is its woefully outdated standard libraries which are more oriented to a 1960s mainframe view of the world. There are no containers, no STL, no general algorithms. That is the weakness of Ada.
If Ada had the powerful standard libraries which C++ has, that combined the safety of Ada would make it a first choice for many programming tasks. Ada can still deliver on bug free programming. But it lacks the scaffolding needed for 21st century projects.
-
char s1[80];
...
void foo(char* s, char* in)
{ sprintf(s,"In = %s\n",in); }
-
which has a risk of buffer overflow, becomes
-
char_string<80> s1;
...
void foo(char_string_base& s, char* in)
{ sprintf(s,"In = %s\n",in); }
-
which will truncate the string at the specified length. Note that the "sprintf" line hasn't changed. So you don't have to rewrite complex formatting code. Changing the declarations does the job.
The new "sprintf" is actually an overload on fixed_string.
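A minimal working sketch of the idea in the comment above, added here as an example rather than the commenter's own code: the class names char_string, char_string_base and the sprintf overload follow the post, while the implementation (vsnprintf underneath, and the return value used to detect truncation) is an assumption of this example.

```cpp
#include <cstdarg>
#include <cstdio>
#include <cstring>
#include <string>

// Base class holding a pointer to a caller-owned buffer and its capacity.
class char_string_base {
public:
    char_string_base(char* buf, size_t cap) : buf_(buf), cap_(cap) {}
    char* data() { return buf_; }
    const char* c_str() const { return buf_; }
    size_t capacity() const { return cap_; }
private:
    char* buf_;
    size_t cap_;
};

// Fixed-capacity string with inline storage; N includes the terminating NUL.
template <size_t N>
class char_string : public char_string_base {
public:
    char_string() : char_string_base(storage_, N) { storage_[0] = '\0'; }
private:
    char storage_[N];
};

// The overload the post describes: same call syntax as C sprintf, but the
// output is bounded by the string's capacity via vsnprintf. Returns the
// length the full output would have had, so callers can detect truncation
// (needed >= capacity) instead of silently losing data.
int sprintf(char_string_base& s, const char* fmt, ...) {
    va_list ap;
    va_start(ap, fmt);
    int needed = std::vsnprintf(s.data(), s.capacity(), fmt, ap);
    va_end(ap);
    return needed;
}

// The post's foo(): only the declaration of the output changed.
void foo(char_string_base& s, const char* in) {
    sprintf(s, "In = %s\n", in);
}

// Formats `in` into an 80-byte char_string; reports whether it was cut short.
std::string format_bounded(const std::string& in, bool* truncated) {
    char_string<80> s;
    int needed = sprintf(s, "In = %s\n", in.c_str());
    *truncated = needed >= static_cast<int>(s.capacity());
    return std::string(s.c_str());
}
```

With a 200-byte input the result is cut to 79 characters plus NUL and the truncation flag is set, whereas the original char s1[80] version would have written past the buffer.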
Speaking as a computer engineer who passed the FE (on my first try) - the FE is most definitely biased in favor of civil and mechanical engineers, and against electrical and chemical. That being said, there's really very little incentive for EEs to take it. The only things you need it for are government work or testifying in court.
However, it really gets under my skin when people call themselves "engineers" and they have *no clue* about engineering in general. In Texas, they had a school collapse and kill 100 children because the guy who designed it wasn't a real engineer. As a result, they passed the toughest engineering-standards legislation in the country - if you call yourself an engineer and you are not certified (that is, you have not passed the PE) then you go to jail.
To make laws that man cannot, and will not obey, serves to bring all law into contempt.
--E.C. Stanton
"We need to be realistic in recognizing that we're stuck with a set of languages and environments that are not susceptible to a massive change."
This is a huge cop-out. Buffer overflows simply can not happen in Java. The same goes for almost all of the security problems that are turned into exploits these days. Instead of applying patches to compilers and yelling at ignorant developers, how about just switching to a development language and runtime environment (e.g. Java and its Virtual Machine) that simply doesn't allow these kinds of mistakes to be made?
Define secure.
I can guarantee that a developer and a customer will have two different definitions of secure. And, the cost will be more than the customer will want to pay.
How many customers can write a scope of work, send it off to a developer, and get a proper quote for a project that includes adequate security? How many customers actually remember to ask for security? Or if they do, do they put enough priority on security?
I bet the answer is very few. I know from past experience that most customers take the cheapest bid. The cheapest bid is usually the one that is skipping something, and the easiest thing to skip is security. If the customer didn't ask for it, is the developer responsible? Is Micro$haft responsible? Nope. Security is not in their project. They want speed. So, there's always a niche for ActiveX. Microsoft knows they can undercut someone's cost because security isn't an issue.
And everyone complains about Microsoft's future security ideas. Well, what do people really want? Security? Or no security?
-- No sig for you!
"software people are worthless".
except he'd insert "shit" for "worthless". In this country (USA), the people responsible for the failures of these types of projects are never held accountable in a way that makes it possible for the next executive to learn from their mistakes.
Some days working in this industry feels like the story of Sisyphus
Being a coder, I'll own up to having written bad code in the past. I even tried justifying it at times with "but I had a deadline" or "I tried to plead my case but management wouldn't listen" or other drabble.
These days, I simply won't take work from people who demand I write code their way, or impose unreasonable deadlines. Even in the programming decline since 2001 (it's bounced back well this year) I refuse to compromise my work because of someone else's ideas/deadlines/etc... because the end result is a reflection on me.
I like to think most programmers, early on at least, went through the same thing, but I could be wrong. It had nothing at all to do with having to build experience before I knew anything about the necessity of writing apps with security in mind. Rather, it had to do with needing work and compromising my own principles to gain employment.
Saying Android is a family of phones is akin to saying Linux is a family of PCs.