[Cryptography] "NSA-linked Cisco exploit poses bigger threat than previously thought"
Patrick Chkoreff
patrick at rayservers.net
Wed Aug 24 21:07:37 EDT 2016
Steven M. Bellovin wrote on 08/24/2016 02:00 PM:
> This is the issue: C makes it hard to do the right thing. Sure, good
> programmers will expend the extra effort to get it right -- Dave Presto
> wrote a safe string library for his upas mailer in the mid-1908s,
> *before* the Morris Worm. I asked him about that once: "I didn't think
> I could get it right any other way." But the fact that everyone else
> has had to roll their own illustrates the problem.
Yes, I've been down that road myself:
https://github.com/chkoreff/Fexl/blob/master/src/str.c
-- Patrick
More information about the cryptography
mailing list