Secure Coding mailing list archives
What's the next tech problem to be solved in software
From: bugtraq at cgisecurity.net (bugtraq at cgisecurity.net)
Date: Thu, 7 Jun 2007 21:10:05 -0400 (EDT)
On Wed, 6 Jun 2007, Wietse Venema wrote:more and more people, with less and less experience, will be "programming" computer systems. The challenge is to provide environments that allow less experienced people to "program" computer systems without introducing gaping holes or other unexpected behavior.I completely agree with this. This is a grand challenge for software security, so maybe it's not the NEXT problem. There's a lot of tentative work in this area - safe strings in C, SafeInt, StackGuard/FormatGuard/etc., non-executable data segments, security patterns, and so on. But these are "bolt-on" methods on top of the same old languages or technologies, and some of these require developer awareness. I know there's been some work in "secure languages" but I'm not up-to-date on it.
You may find this interesting as this is a subject I feel strongly about myself. http://www.qasec.com/cycle/securityframeworks.shtml - Robert http://www.cgisecurity.com/ http://www.qasec.com/
Current thread:
- What's the next tech problem to be solved in software security? Kenneth Van Wyk (Jun 06)
- What's the next tech problem to be solved in software security? Michael Silk (Jun 06)
- What's the next tech problem to be solved in software security? Wietse Venema (Jun 06)
- What's the next tech problem to be solved in softwaresecurity? Michael S Hines (Jun 06)
- What's the next tech problem to be solved in software security? Steven M. Christey (Jun 07)
- What's the next tech problem to be solved in software bugtraq at cgisecurity.net (Jun 07)
- What's the next tech problem to be solved in software security? Benjamin Livshits (Jun 07)
- What's the next tech problem to be solved in software security? Stephen de Vries (Jun 08)
- What's the next tech problem to be solved in software security? ljknews (Jun 08)
- What's the next tech problem to be solved in software security? der Mouse (Jun 09)
- What's the next tech problem to be solved in software security? ljknews (Jun 09)
- What's the next tech problem to be solved in software security? Leichter, Jerry (Jun 08)