Technology Stocks : Novell (NOVL) dirt cheap, good buy?


To: Frederick Smart who wrote (23277) 7/30/1998 9:07:00 AM
From: EPS
 
From NYTimes

July 30, 1998

Flaw in E-Mail Programs Points to an Industrywide
Problem

By JOHN MARKOFF

SAN FRANCISCO -- The security flaw reported this week in E-mail programs produced by
two highly respected software companies points to an industrywide problem -- the danger of
programming languages whose greatest strength is also their greatest weakness.

Much of the power and flexibility of C and C++, the computer languages most commonly used to
build commercial software, derive from the fact that they give professional programmers the ability
to write enormously complex programs quickly and efficiently. But they do this, in part, by allowing
short cuts that can also lead to disaster.

As a result of these short cuts, even the best commercial programs today are riddled with bugs that
range from merely annoying to catastrophic.

"C makes it too easy to slice your fingers off, and programmers all over the world are doing so with
great regularity," said Steven Bellovin, a researcher and computer security specialist at AT&T
Laboratories, where the C language was developed in the 1960's.

More modern programming languages, like the Java language developed by Sun Microsystems,
have built-in safeguards that prevent programmers from making many common types of errors that
could result in security loopholes.

But there is a price for these safeguards. Although closely related to C and C++, Java runs far
more slowly than either of those languages. For that reason, it has met resistance from programmers
who are eager to get as much speed as possible from computer hardware.

On Monday, both the Microsoft Corporation and the Netscape Communications Corporation
said that some of their electronic mail programs contained flaws that would enable a malicious
programmer to attach to an E-mail message a rogue program that would run automatically on a
computer receiving it. The results could range from simply crashing the computer to stealing
passwords or destroying data.

Both Microsoft's Outlook E-mail products -- Express and Outlook 98 -- and Netscape Mail
contain a flaw known as a buffer overflow error that allows a virus to lock up the E-mail programs
and trick an operating system into running illicit software code in their place.

Such mistakes are easy to make when using the C language, security researchers said, because it
allows programmers tremendous latitude in the way they store information in the computer's
memory.

Moreover, although C++, a more advanced version of C, offers many protections against errors, it
also accepts the older C-style programming conventions. This allows C++ programmers to bypass
the newer language's safeguards and drive without a seat belt.

The problem exists because, unlike most other languages, C does not differentiate types of data. A
variable in C might hold any kind of information -- a number, a string of text characters, a date, etc.

So, when programmers want to create a variable that can hold a string of text characters, like a
password or a file name, they are forced to carve out a piece of the computer's memory to hold it.

But a password might be 5 letters or 8 letters and a file name might be 4 characters long or 51
characters long. So the end of the character string is supposed to be marked by a special value that
lets the operating system know how much memory to set aside.

The overflow bug occurs when a program fails to check the length of each character string, in which
case a string that is too big to fit into the memory allocated to it will lock up the program.

Although this type of error is well known and has been documented in programming literature for
more than 30 years, it has been found increasingly these days in programs that send or get Internet
data, making them of particular concern to security specialists.

Bellovin said he had recently completed a review of the security advisories distributed by the
Computer Emergency Response Team at Carnegie Mellon University. His study found that 4 out of
9 security problems in 1998 and at least 10 out of 28 in 1997 involved the same error found in the
Microsoft and Netscape products.

Java, in contrast, prevents this error by automatically allocating more memory to accommodate a
character string of any length.

"The language guarantees that data that isn't expected can't get through and corrupt or interrupt a
program," said Paul Haahr, a San Francisco-based Java developer.

Haahr said that the performance advantage enjoyed by C programs was often gained because they
failed to do the rigorous checking that is built into Java.

Despite safety advances in newer languages, many veteran software designers are fatalistic about the
possibility of eliminating bugs.

Robert Morris, a veteran security researcher who was once the chief scientist of the National
Security Agency, said that in part the problem was a result of "the emergence of a commercial
culture that is careless and counts on customers to find bugs once they are in the marketplace."

Indeed, it was a decade ago that Morris's son, Robert Tappan Morris, then a first-year graduate
student at Cornell University, used a similar buffer overflow error as one of the mechanisms that
permitted his Internet Worm program to infect large portions of the Internet.

Microsoft and Netscape, rushing software to the public in a fierce battle to dominate the Internet,
were well aware of the danger and the consequences.
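
An added example, not part of the original post or the quoted article: the missing length check the article describes, shown as an unchecked copy into a fixed-size buffer beside a version that measures the string first and rejects it if it cannot fit. The `attachment` record, its field names and the 16-byte capacity are constructed for illustration and are not taken from any mail client.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define NAME_CAP 16               /* constructed capacity for this example */

struct attachment {               /* hypothetical record, not from any mail client */
    char name[NAME_CAP];          /* fixed piece of memory carved out for the string */
    int  flags;                   /* neighbouring data an overlong copy would overwrite */
};

/* The unchecked pattern: strcpy copies until the terminator in src, however
 * large src is. Correct only when the caller already knows src fits. */
void store_name_unchecked(struct attachment *a, const char *src) {
    strcpy(a->name, src);
}

/* Checked version: measure src against the capacity first and refuse input
 * that cannot fit together with its terminating '\0'. Returns 0 on success,
 * -1 on rejection; on rejection the record is left untouched. */
int store_name_checked(struct attachment *a, const char *src) {
    size_t len = 0;
    while (len < NAME_CAP && src[len] != '\0')
        len++;
    if (len == NAME_CAP)          /* no terminator within NAME_CAP bytes */
        return -1;
    memcpy(a->name, src, len + 1);  /* len + 1 <= NAME_CAP, includes '\0' */
    return 0;
}

int main(void) {
    struct attachment a = { "", 7 };
    /* Constructed sample inputs: one that fits, one that does not. */
    const char *inputs[] = { "report.txt", "a_very_long_attachment_name.txt" };
    for (size_t i = 0; i < 2; i++) {
        int rc = store_name_checked(&a, inputs[i]);
        printf("%-34s -> %s (name=\"%s\", flags=%d)\n", inputs[i],
               rc == 0 ? "stored" : "rejected", a.name, a.flags);
    }
    return 0;
}
```

The boundary case matters: a 15-character name fits with its terminator, while a 16-character name is rejected because no byte would be left for the `'\0'`.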