[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-Disclosure] automated vulnerability testing

To: "'full-disclosure@lists.netsys.com'" <full-disclosure@lists.netsys.com>
Subject: [Full-Disclosure] automated vulnerability testing
From: "Choe.Sung Cont. PACAF CSS/SCHP" <Sung.Choe@hickam.af.mil>
Date: Sat, 29 Nov 2003 10:47:32 -0000

Bill Royds wrote:
> If you are truly interested in security, you won't use C as the
programming
> language. 
You must be shitting me..  C does have its inherent flaws but that doesn't
mean that there cannot be a secure application written in C.  This statement
represents FUD at its highest level.

> It is security unfriendly by design.
C is designed to allow the programmer a high level of functionality and
freedom.  If he/she is laize-faire in his/her coding practices, that is an
issue with the programmer, not the language.

V/r,
Sung J. Choe
PACAF CSS/SCHP, PACAF NOSC
Information Assurance Analyst
DSN: 315-449-4317, Comm: 808-449-4317

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- Re: [Full-Disclosure] automated vulnerability testing
  - From: Todd Burroughs <todd@hostopia.com>
- RE: [Full-Disclosure] automated vulnerability testing
  - From: "Bill Royds" <full-disclosure@royds.net>
- Re: [Full-Disclosure] automated vulnerability testing
  - From: Chris Adams <chris@improbable.org>

Prev by Date: RE: [Full-Disclosure] automated vulnerability testing
Next by Date: Re: [Full-Disclosure] automated vulnerability testing
Previous by thread: RE: [Full-Disclosure] automated vulnerability testing
Next by thread: Re: [Full-Disclosure] automated vulnerability testing
Index(es):
- Date
- Thread