[Techtalk] Theory vs. practice
jhamilto at n2h2.com
jhamilto at n2h2.com
Mon Jan 14 11:15:07 EST 2002
>Yes, but programmers aren't being taught how to avoid these coding
>errors, or what errors to avoid.
Are you serious? That makes so much more sense. As a sysadmin, It's so frustrating to see buffer overflow problems occuring over and over again, when it seems like 'buffer overflow' lecture would be the first ones taught to a programmer. I shouldn't make such assumptions, since I've never taken a programming course. (okay, pascal WAY back when, but I flunked miserably).
Jen H. (<-- I'll try to remember to write Jen H, since there are so many Jen's!)
-----Original Message-----
From: Jenn Vesperman [mailto:jenn at anthill.echidna.id.au]
Sent: Sunday, January 13, 2002 11:29 PM
To: jockgrrl at austin.rr.com
Cc: raven at oneeyedcrow.net; techtalk at linuxchix.org
Subject: Re: [Techtalk] Theory vs. practice
On Mon, 2002-01-14 at 18:12, Julie wrote:
> A lot of what's out there today in terms of "practice" has very
> little to do with formal security theory and more to do with really
> bad coding. For example, most of the security problems we see are
> coding errors -- buffer overflows, parameter checking, software
> races, and the like.
Yes, but programmers aren't being taught how to avoid these coding
errors, or what errors to avoid.
Jenn V.
--
"Do you ever wonder if there's a whole section of geek culture
you miss out on by being a geek?" - Dancer.
jenn at anthill.echidna.id.au http://anthill.echidna.id.au/~jenn/
_______________________________________________
Techtalk mailing list
Techtalk at linuxchix.org
http://www.linuxchix.org/mailman/listinfo/techtalk
More information about the Techtalk
mailing list