version 1.256, 2003/04/14 16:33:36 |
version 1.257, 2003/04/16 19:58:05 |
|
|
<h2>April, 2003</h2> |
<h2>April, 2003</h2> |
<ul> |
<ul> |
|
|
|
|
|
<li><font color="#009000"><strong> |
|
<a href="http://www.sans.org/newsletters/newsbites/vol5_15.php"> |
|
OpenBSD Release Protected Against Buffer Overflow Attacks</a>, |
|
SANS Newsbytes, April 16, 2003 |
|
</strong></font><br> |
|
A description of the work done in 3.3 to prevent buffer overflow attacks. |
|
The editors speak strongly in favor of the team's efforts |
|
in producing reliable, bug-free software; |
|
quoting two of them: |
|
<br/>(Ranum): It's GREAT to see that at least a few people are smart enough |
|
to try to attack problems like this systemically, rather than keeping |
|
stuck in the fruitless "penetrate and patch" while loop. This is how |
|
to make progress in security: fundamental protections. |
|
<br/>(Shpantzer): Initiatives like this should be taught as case studies |
|
in computer science courses at the undergraduate level. |
|
<p> |
|
|
<li><font color="#009000"><strong> |
<li><font color="#009000"><strong> |
<a href="http://news.com.com/2100-1002-996584.html"> |
<a href="http://news.com.com/2100-1002-996584.html"> |
Open-source team fights buffer overflows</a>, |
Open-source team fights buffer overflows</a>, |