Follow Slashdot stories on Twitter


Forgot your password?

Comment Re:Wait, what does Con Kolivas have to do with thi (Score 1) 549

Especially since on a 64 bit distro pretty much everything, with very few exceptions is 64 bit.
You should look at ppc and sparc distro : pretty much everything is ... 32 bit. That because 32bit is more efficiant than 64 bits (less code/data size). But on x86 that's different because that's on the same arch at all (not the same register/feature, ...).

Comment Re:Open browser engineering issues (Score 2, Informative) 49

There is no question that programming in C and C++ requires skill, and that memory management is an issue, and automatic heap allocation and garbage collection is the popular solution to that issue, but there is no silver bullets, and they are always compromises. I Yes, project need to be written with security in mind. There are program with few security hole written in C/C++ but most of the time they use special API for strings, allocation, ... For example vsftpd : Again, there are no silver bullets. For instance, the Java sandbox is one solution to a security issue. It is not perfect, and it's imperfections lead to a false sense of security. It is ok for developers to be sloppy because garbage collection and the sandbox will protect the user. Sandbox doesn't imply high level language. Even in a sandbox, if it is not correctly configured, there can be security hole. On the other side you can be sandboxing in C/C++ (using the OS). For example using chroot/PR_SET_SECCOMP ...) I think the problem is writing a safe application is really hard and can be tricky. You need to know well "secure" programming and what offer the OS. For the average programmer using high level language can help : it is the writer of the high level language who have managed security, not you. And you can expect them to do better than you.

Slashdot Top Deals

"Being against torture ought to be sort of a multipartisan thing." -- Karl Lehenbauer, as amended by Jeff Daiell, a Libertarian