%!PS-Adobe-3.0
%%Creator: groff version 1.11
%%CreationDate: Tue Oct 20 11:58:00 1998
%%DocumentNeededResources: font Palatino-Bold
%%+ font Times-Roman
%%+ font Courier
%%DocumentSuppliedResources: procset grops 1.11 0
%%Pages: 13
%%PageOrder: Ascend
%%Orientation: Landscape
%%EndComments
%%BeginProlog
%%BeginResource: procset grops 1.11 0
/setpacking where{
pop
currentpacking
true setpacking
}if
/grops 120 dict dup begin
/SC 32 def
/A/show load def
/B{0 SC 3 -1 roll widthshow}bind def
/C{0 exch ashow}bind def
/D{0 exch 0 SC 5 2 roll awidthshow}bind def
/E{0 rmoveto show}bind def
/F{0 rmoveto 0 SC 3 -1 roll widthshow}bind def
/G{0 rmoveto 0 exch ashow}bind def
/H{0 rmoveto 0 exch 0 SC 5 2 roll awidthshow}bind def
/I{0 exch rmoveto show}bind def
/J{0 exch rmoveto 0 SC 3 -1 roll widthshow}bind def
/K{0 exch rmoveto 0 exch ashow}bind def
/L{0 exch rmoveto 0 exch 0 SC 5 2 roll awidthshow}bind def
/M{rmoveto show}bind def
/N{rmoveto 0 SC 3 -1 roll widthshow}bind def
/O{rmoveto 0 exch ashow}bind def
/P{rmoveto 0 exch 0 SC 5 2 roll awidthshow}bind def
/Q{moveto show}bind def
/R{moveto 0 SC 3 -1 roll widthshow}bind def
/S{moveto 0 exch ashow}bind def
/T{moveto 0 exch 0 SC 5 2 roll awidthshow}bind def
/SF{
findfont exch
[exch dup 0 exch 0 exch neg 0 0]makefont
dup setfont
[exch/setfont cvx]cvx bind def
}bind def
/MF{
findfont
[5 2 roll
0 3 1 roll
neg 0 0]makefont
dup setfont
[exch/setfont cvx]cvx bind def
}bind def
/level0 0 def
/RES 0 def
/PL 0 def
/LS 0 def
/MANUAL{
statusdict begin/manualfeed true store end
}bind def
/PLG{
gsave newpath clippath pathbbox grestore
exch pop add exch pop
}bind def
/BP{
/level0 save def
1 setlinecap
1 setlinejoin
72 RES div dup scale
LS{
90 rotate
}{
0 PL translate
}ifelse
1 -1 scale
}bind def
/EP{
level0 restore
showpage
}bind def
/DA{
newpath arcn stroke
}bind def
/SN{
transform
.25 sub exch .25 sub exch
round .25 add exch round .25 add exch
itransform
}bind def
/DL{
SN
moveto
SN
lineto stroke
}bind def
/DC{
newpath 0 360 arc closepath
}bind def
/TM matrix def
/DE{
TM currentmatrix pop
translate scale newpath 0 0 .5 0 360 arc closepath
TM setmatrix
}bind def
/RC/rcurveto load def
/RL/rlineto load def
/ST/stroke load def
/MT/moveto load def
/CL/closepath load def
/FL{
currentgray exch setgray fill setgray
}bind def
/BL/fill load def
/LW/setlinewidth load def
/RE{
findfont
dup maxlength 1 index/FontName known not{1 add}if dict begin
{
1 index/FID ne{def}{pop pop}ifelse
}forall
/Encoding exch def
dup/FontName exch def
currentdict end definefont pop
}bind def
/DEFS 0 def
/EBEGIN{
moveto
DEFS begin
}bind def
/EEND/end load def
/CNT 0 def
/level1 0 def
/PBEGIN{
/level1 save def
translate
div 3 1 roll div exch scale
neg exch neg exch translate
0 setgray
0 setlinecap
1 setlinewidth
0 setlinejoin
10 setmiterlimit
[]0 setdash
/setstrokeadjust where{
pop
false setstrokeadjust
}if
/setoverprint where{
pop
false setoverprint
}if
newpath
/CNT countdictstack def
userdict begin
/showpage{}def
}bind def
/PEND{
clear
countdictstack CNT sub{end}repeat
level1 restore
}bind def
end def
/setpacking where{
pop
setpacking
}if
%%EndResource
%%IncludeResource: font Palatino-Bold
%%IncludeResource: font Times-Roman
%%IncludeResource: font Courier
grops begin/DEFS 1 dict def DEFS begin/u{.001 mul}bind def end/RES 72
def/PL 792 def/LS true def/ENC0[/asciicircum/asciitilde/Scaron/Zcaron
/scaron/zcaron/Ydieresis/trademark/quotesingle/.notdef/.notdef/.notdef
/.notdef/.notdef/.notdef/.notdef/.notdef/.notdef/.notdef/.notdef/.notdef
/.notdef/.notdef/.notdef/.notdef/.notdef/.notdef/.notdef/.notdef/.notdef
/.notdef/.notdef/space/exclam/quotedbl/numbersign/dollar/percent
/ampersand/quoteright/parenleft/parenright/asterisk/plus/comma/hyphen
/period/slash/zero/one/two/three/four/five/six/seven/eight/nine/colon
/semicolon/less/equal/greater/question/at/A/B/C/D/E/F/G/H/I/J/K/L/M/N/O
/P/Q/R/S/T/U/V/W/X/Y/Z/bracketleft/backslash/bracketright/circumflex
/underscore/quoteleft/a/b/c/d/e/f/g/h/i/j/k/l/m/n/o/p/q/r/s/t/u/v/w/x/y
/z/braceleft/bar/braceright/tilde/.notdef/quotesinglbase/guillemotleft
/guillemotright/bullet/florin/fraction/perthousand/dagger/daggerdbl
/endash/emdash/ff/fi/fl/ffi/ffl/dotlessi/dotlessj/grave/hungarumlaut
/dotaccent/breve/caron/ring/ogonek/quotedblleft/quotedblright/oe/lslash
/quotedblbase/OE/Lslash/.notdef/exclamdown/cent/sterling/currency/yen
/brokenbar/section/dieresis/copyright/ordfeminine/guilsinglleft
/logicalnot/minus/registered/macron/degree/plusminus/twosuperior
/threesuperior/acute/mu/paragraph/periodcentered/cedilla/onesuperior
/ordmasculine/guilsinglright/onequarter/onehalf/threequarters
/questiondown/Agrave/Aacute/Acircumflex/Atilde/Adieresis/Aring/AE
/Ccedilla/Egrave/Eacute/Ecircumflex/Edieresis/Igrave/Iacute/Icircumflex
/Idieresis/Eth/Ntilde/Ograve/Oacute/Ocircumflex/Otilde/Odieresis
/multiply/Oslash/Ugrave/Uacute/Ucircumflex/Udieresis/Yacute/Thorn
/germandbls/agrave/aacute/acircumflex/atilde/adieresis/aring/ae/ccedilla
/egrave/eacute/ecircumflex/edieresis/igrave/iacute/icircumflex/idieresis
/eth/ntilde/ograve/oacute/ocircumflex/otilde/odieresis/divide/oslash
/ugrave/uacute/ucircumflex/udieresis/yacute/thorn/ydieresis]def
/Courier@0 ENC0/Courier RE/Times-Roman@0 ENC0/Times-Roman RE
/Palatino-Bold@0 ENC0/Palatino-Bold RE
%%EndProlog
%%Page: 1 1
%%BeginPageSetup
BP
%%EndPageSetup
/F0 23/Palatino-Bold@0 SF(DISC - Seguridad en C'omputo 98)217.439 187 Q
(Auditing code for improving security)198.05 256 Q(.)-2.116 E
(Theo de Raadt)319.973 348 Q(deraadt@openbsd.org)282.311 371 Q .012 LW
72.012 504.001 72.012 108.001 DL 108.012 504.001 36 -180.0000 90.0000 DA
273.612 540.001 108.012 540.001 DL 300.261 540.001 273.612 540.001 DL
632.766 540.001 491.763 540.001 DL 684.012 504.001 36 90.0000 0.0000 DA
720.012 108.001 720.012 504.001 DL 684.012 108.001 36 0.0000 -90.0000 DA
108.012 72.001 684.012 72.001 DL 108.012 108.001 36 -90.0000 180.0000 DA
/F1 9/Times-Roman@0 SF(Theo de Raadt\255 DISC \255 Se)302.499 543.001 Q
(guridad en C\264omputo 98)-.135 E(Oct 20, 1998)145.503 E/F2 14
/Courier@0 SF(Page 1)712.8 588 Q EP
%%Page: 2 2
%%BeginPageSetup
BP
%%EndPageSetup
/F0 23/Palatino-Bold@0 SF(How does one audit code for security?)196.049
118 Q 10.8<8357>119.262 164 S(hat did the OpenBSD team audit?)-10.8 E
10.8<8357>119.262 210 S(hy is OpenBSD a good case study?)-10.8 E 10.8
<8354>119.262 256 S(he approach taken.)-10.8 E 10.8<834c>119.262 302 S
(essons learned.)-10.8 E 10.8<8348>119.262 348 S
(ow can you improve your ability to audit?)-10.8 E .012 LW 72.012
504.001 72.012 108.001 DL 108.012 504.001 36 -180.0000 90.0000 DA
273.612 540.001 108.012 540.001 DL 300.261 540.001 273.612 540.001 DL
632.766 540.001 491.763 540.001 DL 684.012 504.001 36 90.0000 0.0000 DA
720.012 108.001 720.012 504.001 DL 684.012 108.001 36 0.0000 -90.0000 DA
108.012 72.001 684.012 72.001 DL 108.012 108.001 36 -90.0000 180.0000 DA
/F1 9/Times-Roman@0 SF(Theo de Raadt\255 DISC \255 Se)302.499 543.001 Q
(guridad en C\264omputo 98)-.135 E(Oct 20, 1998)145.503 E/F2 14
/Courier@0 SF(Page 2)712.8 588 Q EP
%%Page: 3 3
%%BeginPageSetup
BP
%%EndPageSetup
/F0 23/Palatino-Bold@0 SF(What did the OpenBSD team audit?)207.25 118 Q
10.8<8341>119.262 164 S(complete 4.4BSD operating system.)-5.05 E 162.3
181.25 5.75 DC .012 LW ST
(kernel, libraries, utilities, daemons, everything.)180 187 Q 162.3
204.25 5.75 DC ST(even the tar command.)180 210 Q 10.8<8341>119.262 256
S(bout 10-12 people on our auditing team)-10.8 E 162.3 273.25 5.75 DC ST
(Some were not Unix experts when this started,)180 279 Q
(but they are now)180 302 Q(.)-2.116 E 162.3 319.25 5.75 DC ST
(Some auditors worked for Secure Networks)180 325 Q(and CORE)180 348 Q
10.8<8354>119.262 394 S(he main auditing process took about a year)-10.8
E 162.3 411.25 5.75 DC ST(Thousands of problems discovered and \214xed)
180 417 Q 162.3 434.25 5.75 DC ST 5.75(Ap)180 440 S
(roblem is not necessary a hole all by itself)-5.75 E 162.3 457.25 5.75
DC ST 3.404 -1.702(We d)180 463 T
(iscovered many types of security problems)1.702 E 72.012 504.001 72.012
108.001 DL 108.012 504.001 36 -180.0000 90.0000 DA 273.612 540.001
108.012 540.001 DL 300.261 540.001 273.612 540.001 DL 632.766 540.001
491.763 540.001 DL 684.012 504.001 36 90.0000 0.0000 DA 720.012 108.001
720.012 504.001 DL 684.012 108.001 36 0.0000 -90.0000 DA 108.012 72.001
684.012 72.001 DL 108.012 108.001 36 -90.0000 180.0000 DA/F1 9
/Times-Roman@0 SF(Theo de Raadt\255 DISC \255 Se)302.499 543.001 Q
(guridad en C\264omputo 98)-.135 E(Oct 20, 1998)145.503 E/F2 14
/Courier@0 SF(Page 3)712.8 588 Q EP
%%Page: 4 4
%%BeginPageSetup
BP
%%EndPageSetup
/F0 23/Palatino-Bold@0 SF
(What did the OpenBSD team audit? \(continued\))143.701 118 Q 10.8<8359>
119.262 164 S(ear two:)-12.502 E 3.404 -1.702(We c)11.5 H
(ontinue to audit the code, but:)1.702 E 162.3 181.25 5.75 DC .012 LW ST
(Far fewer discoveries nowadays)180 187 Q 162.3 204.25 5.75 DC ST
(Signi\214cantly more obscure types of bugs)180 210 Q 162.3 227.25 5.75
DC ST(More `incomplete' holes \(as I say it, `almost a)180 233 Q
(hole'\))180 256 Q 162.3 273.25 5.75 DC ST
(Some auditors appear to have moved on)180 279 Q
(because the time between \214nds is stretching \(ie.)180 302 Q
(less rewarding\))180 325 Q 10.8<8357>119.262 371 S 5.75(ef)-12.502 G
(ully disclose our new discoveries at)-5.75 E(http://www)144 394 Q
(.OpenBSD.org/security)-2.116 E(.html)-2.116 E 72.012 504.001 72.012
108.001 DL 108.012 504.001 36 -180.0000 90.0000 DA 273.612 540.001
108.012 540.001 DL 300.261 540.001 273.612 540.001 DL 632.766 540.001
491.763 540.001 DL 684.012 504.001 36 90.0000 0.0000 DA 720.012 108.001
720.012 504.001 DL 684.012 108.001 36 0.0000 -90.0000 DA 108.012 72.001
684.012 72.001 DL 108.012 108.001 36 -90.0000 180.0000 DA/F1 9
/Times-Roman@0 SF(Theo de Raadt\255 DISC \255 Se)302.499 543.001 Q
(guridad en C\264omputo 98)-.135 E(Oct 20, 1998)145.503 E/F2 14
/Courier@0 SF(Page 4)712.8 588 Q EP
%%Page: 5 5
%%BeginPageSetup
BP
%%EndPageSetup
/F0 23/Palatino-Bold@0 SF(Why is OpenBSD a good case study?)203.076 118
Q 10.8<8342>119.262 164 S(asically)-10.8 E 5.75(,t)-2.116 G
(here is proof of some success.)-5.75 E 162.3 204.25 5.75 DC .012 LW ST
-2.553(Ve)180 210 S(ry few problems reported on BUGTRAQ,)2.553 E(CER)180
233 Q 4.232 -2.116(T, L)-1.265 H(0pht, SNI, ...)2.116 E 162.3 250.25
5.75 DC ST(Recognition for security in W)180 256 Q(ired \(eek!\) and)
-.851 E(many other magazines)180 279 Q 162.3 296.25 5.75 DC ST
(The OpenBSD mantra: "W)180 302 Q 5.75<658c>-1.702 G(xed that more than)
-5.75 E 5.75(ay)180 325 S(ear ago" \(which really annoys some people\))
-5.75 E 162.3 342.25 5.75 DC ST
(Many security sensitive sites run our software)180 348 Q 162.3 365.25
5.75 DC ST(Developers who praise our security ef)180 371 Q(forts)-.414 E
162.3 388.25 5.75 DC ST(`Mimicry' in the FreeBSD and Linux)180 394 Q
(communities \(members of their communities)180 417 Q
(admitting that they are way behind OpenBSD)180 440 Q(in security)180
463 Q 5.75(,b)-2.116 G(ut not following the process which)-5.75 E
(led to our success\))180 486 Q 72.012 504.001 72.012 108.001 DL 108.012
504.001 36 -180.0000 90.0000 DA 273.612 540.001 108.012 540.001 DL
300.261 540.001 273.612 540.001 DL 632.766 540.001 491.763 540.001 DL
684.012 504.001 36 90.0000 0.0000 DA 720.012 108.001 720.012 504.001 DL
684.012 108.001 36 0.0000 -90.0000 DA 108.012 72.001 684.012 72.001 DL
108.012 108.001 36 -90.0000 180.0000 DA/F1 9/Times-Roman@0 SF
(Theo de Raadt\255 DISC \255 Se)302.499 543.001 Q
(guridad en C\264omputo 98)-.135 E(Oct 20, 1998)145.503 E/F2 14
/Courier@0 SF(Page 5)712.8 588 Q EP
%%Page: 6 6
%%BeginPageSetup
BP
%%EndPageSetup
/F0 23/Palatino-Bold@0 SF(The approach taken.)288.992 118 Q 10.8<8354>
119.262 164 S(his is what I do when I audit, and what I ask)-10.8 E
(auditors to do.)144 187 Q 10.8<8354>119.262 233 S
(his is basically what has been said on our web)-10.8 E
(page for quite some time:)144 256 Q 162.3 273.25 5.75 DC .012 LW ST
(http://www)180 279 Q(.openbsd.org/security)-2.116 E(.html)-2.116 E 10.8
<8354>119.262 325 S(his is a best-ef)-10.8 E(fort type thing.)-.414 E
72.012 504.001 72.012 108.001 DL 108.012 504.001 36 -180.0000 90.0000 DA
273.612 540.001 108.012 540.001 DL 300.261 540.001 273.612 540.001 DL
632.766 540.001 491.763 540.001 DL 684.012 504.001 36 90.0000 0.0000 DA
720.012 108.001 720.012 504.001 DL 684.012 108.001 36 0.0000 -90.0000 DA
108.012 72.001 684.012 72.001 DL 108.012 108.001 36 -90.0000 180.0000 DA
/F1 9/Times-Roman@0 SF(Theo de Raadt\255 DISC \255 Se)302.499 543.001 Q
(guridad en C\264omputo 98)-.135 E(Oct 20, 1998)145.503 E/F2 14
/Courier@0 SF(Page 6)712.8 588 Q EP
%%Page: 7 7
%%BeginPageSetup
BP
%%EndPageSetup
/F0 23/Palatino-Bold@0 SF(The approach taken \(continued\))228.318 118 Q
10.8<8346>119.262 164 S(ile by \214le, line by line -- well, almost.)
-10.8 E 10.8<834f>119.262 187 S(ften we can concentrate on vulnerable)
-10.8 E(subsystems \214rst)144 210 Q 10.8<8349>119.262 233 S
(ncluding things often over)-10.8 E(-looked, such as:)-.414 E 162.3
250.25 5.75 DC .012 LW ST(Libraries, even include \214les)180 256 Q
162.3 273.25 5.75 DC ST(Obscure system call behaviours \(or non-)180 279
Q(compliancies\))180 302 Q 10.8<8346>119.262 348 S
(ix as many non-security bugs as you can!)-10.8 E 162.3 365.25 5.75 DC
ST(Most security problems are just regular bugs)180 371 Q 162.3 388.25
5.75 DC ST(If you see a regular bug, why not \214x it?)180 394 Q
(\(Imagine the shame if it turns out to be a hole\))180 417 Q 10.8<8341>
119.262 463 S(ctually)-10.8 E 5.75(,i)-2.116 G 5.75(tb)-5.75 G
(ecomes dif)-5.75 E(\214cult to de\214ne whether a)-.414 E
(bug is security related or not ...)144 486 Q 72.012 504.001 72.012
108.001 DL 108.012 504.001 36 -180.0000 90.0000 DA 273.612 540.001
108.012 540.001 DL 300.261 540.001 273.612 540.001 DL 632.766 540.001
491.763 540.001 DL 684.012 504.001 36 90.0000 0.0000 DA 720.012 108.001
720.012 504.001 DL 684.012 108.001 36 0.0000 -90.0000 DA 108.012 72.001
684.012 72.001 DL 108.012 108.001 36 -90.0000 180.0000 DA/F1 9
/Times-Roman@0 SF(Theo de Raadt\255 DISC \255 Se)302.499 543.001 Q
(guridad en C\264omputo 98)-.135 E(Oct 20, 1998)145.503 E/F2 14
/Courier@0 SF(Page 7)712.8 588 Q EP
%%Page: 8 8
%%BeginPageSetup
BP
%%EndPageSetup
/F0 23/Palatino-Bold@0 SF(The approach taken \(continued\))228.318 118 Q
10.8<8341>119.262 164 S(good auditor has to continually backtrack, ie:)
-5.05 E 162.3 181.25 5.75 DC .012 LW ST(Start with some knowledge)180
187 Q 162.3 204.25 5.75 DC ST(Audit a program: \214x a few bugs)180 210
Q 162.3 227.25 5.75 DC ST
(Audit a second program: \214x a few bugs, spot a)180 233 Q
(new type of bug)180 256 Q 162.3 273.25 5.75 DC ST
(Go BACK to the \214rst program, look for that)180 279 Q
(new type of bug in it)180 302 Q 162.3 319.25 5.75 DC ST
(Add a new program to the set, repeat. \(After a)180 325 Q
(few cycles it is easy to get bogged down\))180 348 Q 10.8<834d>119.262
394 S(ost people who do audits today are quite)-10.8 E
(unfamiliar with the detailed behaviours of the)144 417 Q
(system they are auditing)144 440 Q 10.8<834f>119.262 463 S
(ften as unfamiliar as the author)-10.8 E 10.8<8348>119.262 486 S
(ence, on-going education is the key!)-10.8 E 72.012 504.001 72.012
108.001 DL 108.012 504.001 36 -180.0000 90.0000 DA 273.612 540.001
108.012 540.001 DL 300.261 540.001 273.612 540.001 DL 632.766 540.001
491.763 540.001 DL 684.012 504.001 36 90.0000 0.0000 DA 720.012 108.001
720.012 504.001 DL 684.012 108.001 36 0.0000 -90.0000 DA 108.012 72.001
684.012 72.001 DL 108.012 108.001 36 -90.0000 180.0000 DA/F1 9
/Times-Roman@0 SF(Theo de Raadt\255 DISC \255 Se)302.499 543.001 Q
(guridad en C\264omputo 98)-.135 E(Oct 20, 1998)145.503 E/F2 14
/Courier@0 SF(Page 8)712.8 588 Q EP
%%Page: 9 9
%%BeginPageSetup
BP
%%EndPageSetup
/F0 23/Palatino-Bold@0 SF(The approach taken \(continued\))228.318 118 Q
10.8<8349>119.262 164 S 5.75(fy)-10.8 G
(ou \214nd a particular bug is rampant, it may be)-5.75 E
(worthwhile to do a seek-and-destroy session.)144 187 Q
(\(mktemp races, estimated ef)144 210 Q(fort 50-60 hours\))-.414 E 10.8
<8345>119.262 256 S(ventually)-10.8 E 5.75(,t)-2.116 G
(his can lead to "\214nd | grep" scans of)-5.75 E
(the entire source tree searching for things which)144 279 Q
(rely on a suspect or often-misused API. \(like)144 302 Q(readlink\))144
325 Q 10.8<8341>119.262 371 S 5.75(st)-10.8 G
(he auditor gains greater familiarity with the)-5.75 E
(system, he should spot new bugs easily)144 394 Q 11.5(.\()-2.116 G
3.404 -1.702(We d)-11.5 H(o, in)1.702 E 5.75(a3)144 417 S
(00MB source tree\))-5.75 E .012 LW 72.012 504.001 72.012 108.001 DL
108.012 504.001 36 -180.0000 90.0000 DA 273.612 540.001 108.012 540.001
DL 300.261 540.001 273.612 540.001 DL 632.766 540.001 491.763 540.001 DL
684.012 504.001 36 90.0000 0.0000 DA 720.012 108.001 720.012 504.001 DL
684.012 108.001 36 0.0000 -90.0000 DA 108.012 72.001 684.012 72.001 DL
108.012 108.001 36 -90.0000 180.0000 DA/F1 9/Times-Roman@0 SF
(Theo de Raadt\255 DISC \255 Se)302.499 543.001 Q
(guridad en C\264omputo 98)-.135 E(Oct 20, 1998)145.503 E/F2 14
/Courier@0 SF(Page 9)712.8 588 Q EP
%%Page: 10 10
%%BeginPageSetup
BP
%%EndPageSetup
/F0 23/Palatino-Bold@0 SF(Lessons learned.)309.129 118 Q 10.8<8341>
119.262 164 S(bunch of us have gotten really good at spotting)-5.05 E
(bugs in code)144 187 Q 10.8<8349>119.262 210 S 5.75(ta)-10.8 G
(ppears to be a learned skill, not knowledge)-5.75 E 10.8<8357>119.262
233 S 5.75(ed)-12.502 G(on')-5.75 E 5.75(tk)-.414 G
(now how to pass the skill of `discovery')-5.75 E(on to others)144 256 Q
10.8<834c>119.262 279 S
(ists of old bugs do not teach people the skill of)-10.8 E(discovery!)
144 302 Q 10.8<8341>119.262 348 S 5.75(tt)-10.8 G
(imes, some of us have simply sifted through)-5.75 E
(source code for 6 hours, \214xed 20 tiny bugs, then)144 371 Q
(suddenly discovered a serious new issue which)144 394 Q
(then took us 4 days to resolve.)144 417 Q 10.8<8341>119.262 440 S 5.75
(to)-10.8 G(ther times, one of those tiny inconsequential-)-5.75 E
(looking bugs has turned out to be a huge hole)144 463 Q(\(years later)
144 486 Q 5.75(,o)-1.265 G 5.75(nB)-5.75 G(UGTRAQ\).)-5.75 E .012 LW
72.012 504.001 72.012 108.001 DL 108.012 504.001 36 -180.0000 90.0000 DA
273.612 540.001 108.012 540.001 DL 300.261 540.001 273.612 540.001 DL
632.766 540.001 491.763 540.001 DL 684.012 504.001 36 90.0000 0.0000 DA
720.012 108.001 720.012 504.001 DL 684.012 108.001 36 0.0000 -90.0000 DA
108.012 72.001 684.012 72.001 DL 108.012 108.001 36 -90.0000 180.0000 DA
/F1 9/Times-Roman@0 SF(Theo de Raadt\255 DISC \255 Se)302.499 543.001 Q
(guridad en C\264omputo 98)-.135 E(Oct 20, 1998)145.503 E/F2 14
/Courier@0 SF(Page 10)704.4 588 Q EP
%%Page: 11 11
%%BeginPageSetup
BP
%%EndPageSetup
/F0 23/Palatino-Bold@0 SF(Lessons learned \(continued\))248.455 118 Q
10.8<834f>119.262 164 S 5.75(nt)-10.8 G
(he whole, code quality just plain SUCKS.)-5.75 E 162.3 181.25 5.75 DC
.012 LW ST(Not just holes -- bugs, but...)180 187 Q 162.3 204.25 5.75 DC
ST(20 bugs will add up to become a hole... or)180 210 Q
(maybe just 3 bugs?)180 233 Q 162.3 250.25 5.75 DC ST 3.404 -1.702(We h)
180 256 T(ave found serious problems in pretty)1.702 E(much everything.)
180 279 Q 10.8<8350>119.262 325 S
(rogrammers do not understand the APIs they)-10.8 E(code to.)144 348 Q
162.3 365.25 5.75 DC ST(Addendum: Programmers don')180 371 Q 5.75(tc)
-.414 G(are to learn)-5.75 E(the APIs they code to.)180 394 Q 162.3
411.25 5.75 DC ST 5.75(Ag)180 417 S
(ood programmer will make an API error)-5.75 E(about every 30 lines.)180
440 Q 162.3 457.25 5.75 DC ST 5.75(An)180 463 S(ovice programmer)-5.75 E
(...)-1.265 E 72.012 504.001 72.012 108.001 DL 108.012 504.001 36
-180.0000 90.0000 DA 273.612 540.001 108.012 540.001 DL 300.261 540.001
273.612 540.001 DL 632.766 540.001 491.763 540.001 DL 684.012 504.001 36
90.0000 0.0000 DA 720.012 108.001 720.012 504.001 DL 684.012 108.001 36
0.0000 -90.0000 DA 108.012 72.001 684.012 72.001 DL 108.012 108.001 36
-90.0000 180.0000 DA/F1 9/Times-Roman@0 SF
(Theo de Raadt\255 DISC \255 Se)302.499 543.001 Q
(guridad en C\264omputo 98)-.135 E(Oct 20, 1998)145.503 E/F2 14
/Courier@0 SF(Page 11)704.4 588 Q EP
%%Page: 12 12
%%BeginPageSetup
BP
%%EndPageSetup
/F0 23/Palatino-Bold@0 SF
(How can you improve your ability to audit \(or write)108 118 Q
(secure code\))331.807 141 Q 10.8<8342>119.262 187 S
(ecome a better programmer by)-10.8 E(..)-2.116 E 10.8<8353>119.262 210
S(tart studying standards documents)-10.8 E 10.8<8353>119.262 233 S
(trive to completely understand the APIs you use)-10.8 E
(\(complete internal source code for most APIs is)144 256 Q
(now available.)144 279 Q(Read it and learn!\))11.5 E 10.8<8341>119.262
302 S(void the NIH syndrome.)-12.41 E(Look at what others do!)11.5 E
10.8<834c>119.262 325 S(imit your trust.)-10.8 E .012 LW 72.012 504.001
72.012 108.001 DL 108.012 504.001 36 -180.0000 90.0000 DA 273.612
540.001 108.012 540.001 DL 300.261 540.001 273.612 540.001 DL 632.766
540.001 491.763 540.001 DL 684.012 504.001 36 90.0000 0.0000 DA 720.012
108.001 720.012 504.001 DL 684.012 108.001 36 0.0000 -90.0000 DA 108.012
72.001 684.012 72.001 DL 108.012 108.001 36 -90.0000 180.0000 DA/F1 9
/Times-Roman@0 SF(Theo de Raadt\255 DISC \255 Se)302.499 543.001 Q
(guridad en C\264omputo 98)-.135 E(Oct 20, 1998)145.503 E/F2 14
/Courier@0 SF(Page 12)704.4 588 Q EP
%%Page: 13 13
%%BeginPageSetup
BP
%%EndPageSetup
/F0 23/Palatino-Bold@0 SF(Sponsoring our ef)277.366 118 Q(forts)-.414 E
(OpenBSD is a free unix-like operating system.)108 164 Q
(Binary releases are freely available for ftp. Our group)119.5 210 Q
(also sells CDROMS to pay for our development costs)119.5 233 Q
(-- without such sales we would not be able to)119.5 256 Q
(continue our ef)119.5 279 Q(forts.)-.414 E
(For information about OpenBSD, start at)108 325 Q 10.8<8368>119.262 348
S(ttp://www)-10.8 E(.OpenBSD.org)-2.116 E
(Our most recent release is OpenBSD 2.3.)108 394 Q(CDROM sets)11.5 E
(are available for $30 USD.)119.5 417 Q(For CD orders see)11.5 E
(http://www)119.5 440 Q(.OpenBSD.org/orders.html or via FTP at)-2.116 E
(http://www)119.5 463 Q(.OpenBSD.org/ftp.html)-2.116 E .012 LW 72.012
504.001 72.012 108.001 DL 108.012 504.001 36 -180.0000 90.0000 DA
273.612 540.001 108.012 540.001 DL 300.261 540.001 273.612 540.001 DL
632.766 540.001 491.763 540.001 DL 684.012 504.001 36 90.0000 0.0000 DA
720.012 108.001 720.012 504.001 DL 684.012 108.001 36 0.0000 -90.0000 DA
108.012 72.001 684.012 72.001 DL 108.012 108.001 36 -90.0000 180.0000 DA
/F1 9/Times-Roman@0 SF(Theo de Raadt\255 DISC \255 Se)302.499 543.001 Q
(guridad en C\264omputo 98)-.135 E(Oct 20, 1998)145.503 E/F2 14
/Courier@0 SF(Page 13)704.4 588 Q EP
%%Trailer
end
%%EOF
![[BACK]](/icons/back.gif){kind=icon}
Return to mexico98-slides.ps CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www / papers