Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
BLACK FRIDAY DEAL: Trust the World's Fastest VPN with Your Internet Security & Freedom--A Lifetime Subscription of PureVPN at $48 with coupon code "BFRIDAY20" ×

Comment meh (Score 1) 486

I've just finished evaluating approximatley 500kloc code using Coverity Prevent and Klocwork Insight (Static analysis tools). Together they found around 250 issues with the code. Null pointer dereferences, array boundary violations and a bunch of other nasty stuff.
How many of these do you think involved memcpy? - Nil, Zip, Nada.

Comment Re:Arghhhh Cap'n (Score 1) 410

If you want to make a difference in the US, support EFF (www.eff.com)

I live in Sweden and support EFF because looking at track records show that Electronic Frontier Foundation has done a heck of a lot more for freedom of speech in my home country than the Pirate Party. Swedish judges rely heavily on examples from the US (just look at the TPB trial).

Comment Re:interesting excerpt from bang source code (Score 1) 310

I couldn't agree with you more. Did I mention that not all projects even have unit-tests? *sigh*

Problem is that we're just using intra-procedural static code checks on code modules used by many projects. That implies that any tainted data or call outside your module should be checked.

We're currently evaluating programs to try to find more elaborate problems using flow-sensitive static analysis etc. Got any tips?

Comment uh... (Score 2) 734

Got this when I tried to surf the apply for a ETA:

You are about to access a Department of Homeland Security computer system. This computer system and data therein are property of the U.S. Government and provided for official U.S. Government information and use. There is no expectation of privacy when you use this computer system. The use of a password or any other security measure does not establish an expectation of privacy. By using this system, you consent to the terms set forth in this notice. You may not process classified national security information on this computer system. Access to this system is restricted to authorized users only. Unauthorized access, use, or modification of this system or of data contained herein, or in transit to/from this system, may constitute a violation of section 1030 of title 18 of the U.S. Code and other criminal laws. Anyone who accesses a Federal computer system without authorization or exceeds access authority, or obtains, alters, damages, destroys, or discloses information, or prevents authorized use of information on the computer system, may be subject to penalties, fines or imprisonment. This computer system and any related equipment is subject to monitoring for administrative oversight, law enforcement, criminal investigative purposes, inquiries into alleged wrongdoing or misuse, and to ensure proper performance of applicable security features and procedures. DHS may conduct monitoring activities without further notice.

Does this mean that they are implying that I'm hacking a DHS server just by following a link to it?

Slashdot Top Deals

Forty two.

Working...