From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham
	autolearn_force=no version=3.4.4
X-Google-Language: ENGLISH,ASCII-7-bit
X-Google-Thread: 103376,5cb36983754f64da
X-Google-Attributes: gid103376,public
X-Google-ArrivalTime: 2004-04-15 09:32:42 PST
Path: 
 archiver1.google.com!news1.google.com!news.glorb.com!cyclone.bc.net!news.uunet.ca!nf3.bellglobal.com!nf1.bellglobal.com!nf2.bellglobal.com!news20.bellglobal.com.POSTED!not-for-mail
From: "Warren W. Gay VE3WWG" <warren@ve3wwg.tk>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US;
 rv:1.4) Gecko/20030624 Netscape/7.1 (ax)
X-Accept-Language: en-us, en
MIME-Version: 1.0
Newsgroups: comp.lang.ada
Subject: Re: No call for Ada
References: <CfadnRldxOIv1-XdRVn-uw@gbronline.com>
 <dtYdc.4461$xn4.17554@attbi_s51> <bLmdnfBfLunI9OXdRVn-uw@gbronline.com>
 <107m6cdmda7f639@corp.supernews.com> <407D235B.2040004@noplace.com>
 <z7CdnV7YPfhB2-DdRVn-hQ@comcast.com>
 <QTefc.10090$A_4.6260@newsread1.news.pas.earthlink.net>
In-Reply-To: <QTefc.10090$A_4.6260@newsread1.news.pas.earthlink.net>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Message-ID: <tAyfc.22337$2Z6.944040@news20.bellglobal.com>
Date: Thu, 15 Apr 2004 12:17:32 -0400
NNTP-Posting-Host: 198.96.223.163
X-Complaints-To: abuse@sympatico.ca
X-Trace: news20.bellglobal.com 1082045849 198.96.223.163 (Thu,
 15 Apr 2004 12:17:29 EDT)
NNTP-Posting-Date: Thu, 15 Apr 2004 12:17:29 EDT
Organization: Bell Sympatico
Xref: archiver1.google.com comp.lang.ada:7146
Date: 2004-04-15T12:17:32-04:00
List-Id: <comp.lang.ada>

Jeffrey Carter wrote:

> Robert I. Eachus wrote:
> 
>> Personally, I think that the need for web servers for companies doing 
>> web commerce is an area where Ada's strengths will eventually mean 
>> that it is needed to avoid the hazards associated with other 
>> languages. There is a large, nasty group of crackers out there, and if 
>> they ever sniff out the ability to redirect the billions of dollars in 
>> e-commerce transactions into their accounts, financially safe software 
>> will be in great demand.
> 
> Indeed. Buffer overflows account for about half of all known 
> vulnerabilities. People have been "fixing" these errors for over a 
> decade, yet even today people are creating new buffer-overflow 
> vulnerabilities, so it appears that something stronger than knowing 
> about the problem is needed to avoid them. Something like a language 
> that doesn't allow them in the first place. Yet none of the discussions 
> of how to improve security mention the effects of appropriate language 
> choice.

That is why I have said in the past that someone needs to rewrite
BIND (DNS) in Ada. I would sleep better at night with an Ada version
of it exposed to the net than the C versions we use.

> When big customers refuse to use networking SW written in a language 
> that allows buffer overflows, Ada, and products like AWS, will be there 
> to fill the need. But the customers need to know that language choice 
> can make a big difference.

Absolutely.

-- 
Warren W. Gay VE3WWG
http://ve3wwg.tk