Slashdot Mirror

← Back to Stories (view on slashdot.org)

Gosling Claims Huge Security Hole in .NET

Posted by CowboyNeal on from the throwing-stones dept.

renai42 writes "Java creator James Gosling this week called Microsoft's decision to support C and C++ in the common language runtime in .NET one of the 'biggest and most offensive mistakes that they could have made.' Gosling further commented that by including the two languages into Microsoft's software development platform, the company 'has left open a security hole large enough to drive many, many large trucks through.'" Note that this isn't a particular vulnerability, just a system of typing that makes it easy to introduce vulnerabilities, which last time I checked, all C programmers deal with.

7 of 687 comments (clear)

  1. Phew! by rackhamh · · Score: 5, Funny

    Good thing Linux isn't written in...

    Oh. Never mind!

  2. Woah by pHatidic · · Score: 5, Funny

    CowboyNeal is defending Microsoft. Someone take a screengrab, Slashdot's been hacked!

  3. A truck, eh? by Faust7 · · Score: 5, Funny

    the company 'has left open a security hole large enough to drive many, many large trucks through.'"

    Like, say, a truck about the size of Sun's Java runtime environment.

    --
    The coolest voice ever.
  4. Homeowners!! Beware! by Stevyn · · Score: 4, Funny

    No longer should homes be built using nails. All new homes should be built with really strong glue. Even though nails are faster and easier to work with, a carpenter might accidentally smash his thumb with a hammer. Plus, nails contain metal which may warp your home in the event a huge magnet is placed near the house.

    --The Elmer's Glue Foundation for Strength and Security

  5. I believe Gosling is wrong by frovingslosh · · Score: 5, Funny
    James Gosling this week called Microsoft's decision to support C and C++ in the common language runtime in .NET one of the 'biggest and most offensive mistakes that they could have made.'

    Gosling is dead wrong. I believe that Microsoft will soon prove they are capable of even bigger and more offensive security mistakes.

    Also, the choice to actually use .NET is at least as big of a security error.

    --
    I'm an American. I love this country and the freedoms that we used to have.
  6. pots and kettles, you know... by 1nv4d3r · · Score: 3, Funny

    I guess that's why there's no java native interf...

    oh. nevermind.

  7. Gosling Emacs security holes + spyware + malware! by SimHacker · · Score: 3, Funny

    Gosling Emacs (written by none other than James Gosling) has many HUGE security holes that you can pilot an aircraft carrier through.

    Emacs has a notorious "shell" facility that can actually run a shell and send it arbitrary commands!!!

    In fact, there's even a built-in scripting langauge called "Mocklisp" that enables hackers and viruses to totally reprogram the behavior of the editor (and it looks like Lisp, but without any of those confusing lexical closures and list processing functions).

    Gosling Emacs is actually spyware, because it has a hidden "keyboard macro" facility that can spy on every character you type! Emacs is also malware, because at any point it can instantly undo any editing changes you've made!

    One of the biggest most offensive mistakes is that James Gosling has not fixed these huge security holes in Emacs, after all these years. In fact, many of the security holes have been reimplemented in another notorious piece of communist spyware called Gnu Emacs!

    All Emacs should be banned!!!

    -Don

    --
    Take a look and feel free: http://www.PieMenu.com