From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham autolearn_force=no version=3.4.4 X-Google-Thread: 103376,5bc4be576204aa20 X-Google-Attributes: gid103376,public X-Google-Language: ENGLISH,ASCII-7-bit Path: g2news1.google.com!news1.google.com!newsread.com!news-xfer.newsread.com!newspeer.monmouth.com!nntp.abs.net!news.abs.net!not-for-mail Newsgroups: comp.lang.ada Subject: Re: Buffer overflow Article - CACM References: From: Stephen Leake Message-ID: User-Agent: Gnus/5.1006 (Gnus v5.10.6) Emacs/21.3 (windows-nt) Cancel-Lock: sha1:dA0o65f9JOL/sm8zszKp6H8w0V0= MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Sun, 13 Nov 2005 10:44:59 -0500 NNTP-Posting-Host: 66.159.65.1 X-Complaints-To: abuse@toad.net X-Trace: news.abs.net 1131896700 66.159.65.1 (Sun, 13 Nov 2005 10:45:00 EST) NNTP-Posting-Date: Sun, 13 Nov 2005 10:45:00 EST Xref: g2news1.google.com comp.lang.ada:6361 Date: 2005-11-13T10:44:59-05:00 List-Id: writes: > There is an interesting article in the current issue of the Communications > of the ACM (Vol 48, No 11, page 50) about preventing stack > buffer overflow attacks. The authors, Kuperman, Brodley, Ozdoganoglu, > Viuakumar, and Jalote, write as if they have never heard of Ada. > > In one paragraph, they criticize C as being vulnerable to such attacks > and then dismiss Pascal as being unable to address low-level issues. > As I read their solution, it became clear that simply choosing Ada for > their development language would solve the vast majority of their > concerns. > > This kind of article appears every now and then. The authors of these > articles write as if it is necessary to improve C or invent new tools > when all they really have to do is discover Ada. I hope you wrote to the editor of CACM pointing out this flaw in the article. It is up to the editor to ensure that articles are fair and balanced! And they won't know there's a problem if nobody tells them. There have been similar problems with articles in Dr Dobbs; the editor has been quite gracious when I point them out. We'll have to see if that translates into more balanced coverage in the future ... On the other hand, I don't read CACM any more, because the articles are so poor in general. Well, except for the legal column by Pamela Samuelson (if I've got her name right). -- -- Stephe