WANTED: ISPs with DDoS defense solutions
Jack Bates
jbates at brightok.net
Fri Aug 1 11:35:34 UTC 2003
Vadim Antonov wrote:
> On Thu, 31 Jul 2003, Petri Helenius wrote:
>
>
>>>What we need is a new programming paradigm, capable of actually producing
>>>secure (and, yes, reliable) software. C and its progeny (and "program
>>>now, test never" lifestyle) must go. I'm afraid it'll take laws which
>>>would actually make software makers to pay for bugs and security
>>>vulnerabilities in shipped code to make such paradigm shift a reality.
>>>
>>
>>Blaming the tools for the mistakes programmers make is like saying "guns kill people"
>>when the truth is that people kill people with guns.
>
>
> Yep, it is people who choose tools and methods which produce code which is
> guaranteed to be unreliable and insecure - simply because those tools
> allow one to be lazy and cobble things together fast without much design
> or planning.
>
There is nothing in C which guarantees that code will be unreliable or
insecure. C has the advantage of power and flexibility. It does no hand
holding, so any idiot coder claiming to be a programmer can slap
together code poorly. This is the fault of the programmer, and not the
language. The syntax for C is just fine, and since any language is
nothing more than syntax, C is a workable language. There are libraries
out there for handling arrays with sanity checks. The fact that people
don't use them is their own fault. For that matter, one can easily write
their own. I don't know how many times I have gotten a vacant expression
when mentioning the word flowchart; which is nothing more than the
visual form of what any programmer should have going through their head
(and on paper if they really want to limit mistakes). What I'd give to
see a detailed flowchart for sendmail. I'd hang it on my walls (as I'm
sure it'd take more than one).
<snip>
> A real programmer can write FORTRAN program in any language. The problem
> is that the even the best programmers make mistakes. Many of those
> mistakes (particularly, security-related - such as not checking for buffer
> overflows) can be virtually eliminated by the right tools.
Write a small program in C and then write it in Perl. Have the program
open a 1.4G syslog file and run a tight loop reading in one line at a
time, scanning for sendmail log entries, parsing the line, and writing
out to a file the datetime, envelope_from, nrcpts, msgid.
Your program is half way to actually being useful for something. But
that should be far enough. Time both programs. For what it's worth,
sorry Perl took so long.
If a programmer can write a process in any language, then naturally the
programmer should choose the language which provides the most
flexibility, performance, and diversity; or the right tool.
-Jack
More information about the NANOG
mailing list