Hosting Provided By

RE: Writing Secure code

From: Roger Alexander <rta(at)cs.colostate.edu>
Date: Fri Dec 27 2002 - 15:51:28 EST

> > And one more thing...<this one might be intresting ;-)> Is it

The problem is not in writing code in which bugs are "totally prevented". It's in knowing that what you have written is bug (i.e. fault) -free. The only way to know this is to test your program with *all possible* inputs, which is impossible for all but the most trivial programs. Thus, you can never know that what you have written is in fact bug free. Unfortunately, this applies to writing secure programs as well. Sure, there are practices that we can utilize that will help us make our code more secure, but we can never be sure that is "totally secure".

Roger Alexander.

Roger T. Alexander
Associate Professor
Department of Computer Science
Colorado State University Received on Fri Dec 27 22:44:26 2002

This message: [ Message body ]
Next message: Oliver Friedrichs: "RE: Writing Secure code"
Previous message: John Viega: "Re: Writing Secure code"
In reply to Valdis.Kletnieks(at)vt.edu: "Re: Writing Secure code"
Next in thread: Matt McClellan: "RE: Writing Secure code"
Reply: Matt McClellan: "RE: Writing Secure code"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:02:44 EDT