From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,LOTS_OF_MONEY autolearn=ham autolearn_force=no version=3.4.4 X-Google-Language: ENGLISH,ASCII-7-bit X-Google-Thread: 103376,d89b08801f2aacae X-Google-Attributes: gid103376,public X-Google-ArrivalTime: 2002-05-01 09:57:28 PST Newsgroups: comp.lang.ada Path: archiver1.google.com!news1.google.com!newsfeed.stanford.edu!news-spur1.maxwell.syr.edu!news.maxwell.syr.edu!nntp.abs.net!uunet!dca.uu.net!ash.uu.net!xyzzy!nntp From: Jeffrey Carter Subject: Re: Is strong typing worth the cost? X-Nntp-Posting-Host: e246420.msc.az.boeing.com Content-Type: text/plain; charset=us-ascii Message-ID: <3CD01895.A2CD5F41@boeing.com> Sender: nntp@news.boeing.com (Boeing NNTP News Access) Content-Transfer-Encoding: 7bit Organization: The Boeing Company X-Accept-Language: en References: Mime-Version: 1.0 Date: Wed, 1 May 2002 16:32:21 GMT X-Mailer: Mozilla 4.73 [en]C-CCK-MCD Boeing Kit (WinNT; U) Xref: archiver1.google.com comp.lang.ada:23351 Date: 2002-05-01T16:32:21+00:00 List-Id: What is the cost/benefit ratio of weak typing? In "Managing Software Security Risks", Gary McGraw (IEEE Computer, 2002 April) says "Buffer overflows have been causing serious security problems for decades and now account for nearly half of all major security bugs resulting in CERT Coordination Center (http://www.cert.org/) advisories.". Buffer overflows result from the use of weakly typed languages that do not automatically check array accesses against array bounds by developers who do not manually perform such checks. About half of all major security flaws would not exist if the software had been developed in a strongly typed language. I recall seeing, but can't now find, an article that put the worldwide cost of crackers exploiting security flaws at $10G for a recent year. The best I can find is http://www.statonline.com/technologies/facts.asp, which says, "In 1998, 163 organizations reported losing $123.7 million to computer security breaches, or about $759,000 per organization. (1999 CSI/FBI Report)". There need be only about 13,000 organizations worldwide for the $10G figure to be correct. That would put the cost of buffer overflows, a subset of weak typing, at about $61M for 163 organizations in 1998, or about $330k/organization. If the $10G figure is correct, the worldwide cost is about $5G/year. If my memory is off by an order of magnitude, it would be $500M/year. All of these figures represent a significant cost from a subset of weak typing. What is the benefit of weak typing? There appears to be none, which puts the cost/benefit ratio for this instance of weak typing at or approaching infinity. One benefit of strong typing would be the elimination of about half of all major security flaws, a significant benefit. The cost of obtaining this benefit would have been small if an appropriate language choice had been made for this software (remember that C and Pascal are contemporaries, so it's not as if this technology was unknown when networking software was developed). This is evidence that the cost/benefit ratio of strong typing is smaller than the ratio for weak typing. -- Jeffrey Carter