Slashdot Mirror

← Back to Stories (view on slashdot.org)

How Do You Know Your Code is Secure?

Posted by ryuzaki0 on from the batten-down-the-hatches-mates dept.

bvc writes "Marucs Ranum notes that 'It's really hard to tell the difference between a program that works and one that just appears to work.' He explains that he just recently found a buffer overflow in Firewall Toolkit (FWTK), code that he wrote back in 1994. How do you go about making sure your code is secure? Especially if you have to write in a language like C or C++?"

5 of 349 comments (clear)

  1. Code schmode by Anonymous Coward · · Score: -1, Offtopic

    Zonk and other slashdot editors can't even check taht the spelling in article submissions is correct. What chance would a mere mortal have of checking taht his code was bug-free?

  2. Zonk, Oink! by Anonymous Coward · · Score: -1, Offtopic

    First step is to check for no typos.

    -- Mr "taht"

  3. Re:Grammar by Bob54321 · · Score: -1, Offtopic

    I do believe there is a difference between grammar and spelling, although I do not claim to be good at either.

    --
    :(){ :|:& };:
  4. Re:The only sure way I know of: Lambda calculus by Anonymous Coward · · Score: -1, Offtopic

    Sucking the functional dick is not going to earn you fast points here on Slashdot. Just saying.

  5. typos by thegnu · · Score: 0, Offtopic

    Marucs Ranum notes taht...

    I'm not one to orthography-Nazi up a place, but how are we going to fool the noobs into thinking we're better than them with editors overlooking such blatant typos as the above?

    --
    Please stop stalking me, bro.