Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
note_on_buffer_overflows [2008/10/26 21:33] vkuncak |
note_on_buffer_overflows [2008/10/26 22:00] vkuncak |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| ====== Note on Buffer Overflows ====== | ====== Note on Buffer Overflows ====== | ||
| - | A study by Cisco Systems, describes virus Code Red, | + | A study published as a White Paper by Cisco Systems "Economic Impact of Network Security Threats", describes virus Code Red, |
| "Code Red (2001) | "Code Red (2001) | ||
| Line 11: | Line 11: | ||
| and shows the world-wide economic impact to be **$2.62 billion**. | and shows the world-wide economic impact to be **$2.62 billion**. | ||
| - | |||
| - | Many of such errors could be prevented with memory-safe languages such as Java and Scala. | ||
| The occurrences of these errors were reduced subsequently by a serious push within the company to adopt programming language discipline and tools that effectively turns C into a language where array accesses can be checked to be within bounds. | The occurrences of these errors were reduced subsequently by a serious push within the company to adopt programming language discipline and tools that effectively turns C into a language where array accesses can be checked to be within bounds. | ||
| + | |||
| + | Many of such errors could be prevented in first place by using memory-safe languages such as Java and Scala (or LISP, invented before C) | ||