Re: [opensuse] Buffer overflow [Was: experiences with bache / logic of caching]
On 02/14/2016 05:35 PM, Carlos E. R. wrote:
On 2016-02-14 23:26, Anton Aylward wrote:
I do wonder, however, just how much mistakes like this are taught
in CS courses? I've noted many times that the #1 and #1
vulnerabilities in the SANS Top 20 list, SQL Injection and Bugger
Overflow, have been around for more than 20 years. Buffer
Overflow, if you recall, was the root cause of the Morris Worm of
1988 which took down an appreciable part of the
Internet-as-it-then-was. My point here is that when I interview
new intakes of programmers or even talk with one who've been
working for my client for some years, even the ones that are aware
of these tell me their schools & colleege course never mentioned
Mine did.

The teacher repeated several times how dangerous and bad language was
the C that he was teaching us. Took pains to stress the point.

You are fortunate to have such a teacher.
I was in Chapters, our BigBox chain of bookstores, once and it must have
been that I was looking at some new language books. A student asked me
about languages, did I know UNIX, did I know C? She had a problem with
learning C.

I checked the shelves for something better than her courseware books,
which, while good on grammatical language constructs, if-then-else and
lexical stuff, but poor on program constructs. One I found was Lyon's
Commentary. I showed her that.

Do you recall in the move Mozart when Salieri comes to visit and Mozart
is out but his wife shows Salieri some of his work. The reaction was
rather like that. OK, not /quite/ as dramatic. "This is wonderful, I
understand this!".

Sometimes I think that there is a gulf separating the languages
developed in North America from the ones developed in Europe (and
possibly Japan). Sometimes I think this is reflected not just in the
aesthetics of the languages themselves but in the attitude towards
teaching programming.

A: Yes.
> Q: Are you sure?
>> A: Because it reverses the logical flow of conversation.
>>> Q: Why is top posting frowned upon?

