[55440] in North American Network Operators' Group
Re: Bell Labs or Microsoft security?
daemon@ATHENA.MIT.EDU (Alif The Terrible)
Wed Jan 29 09:46:29 2003
Date: Wed, 29 Jan 2003 08:27:19 -0600 (CST)
From: Alif The Terrible <measl@mfn.org>
To: Richard A Steenbergen <ras@e-gerbil.net>
Cc: Sean Donelan <sean@donelan.com>, nanog@merit.edu
In-Reply-To: <20030129131845.GE78231@overlord.e-gerbil.net>
Errors-To: owner-nanog-outgoing@merit.edu
On Wed, 29 Jan 2003, Richard A Steenbergen wrote:
> On Wed, Jan 29, 2003 at 03:32:41AM -0500, Sean Donelan wrote:
> >
> > FORTRAN/COBOL array bounds checking. Bell Labs answer: C. Who wants
> > the computer to check array lengths or pointers. Programmers know what
> > they are doing, and don't need to be "constrained" by the programming
> > language. Everyone knows programmers are better at arithmatic than
> > computers. A programmer would never make an off-by-one error. The
> > standard C run-time library. gets(char *buffer), strcpy(char *dest, char
> > *src), what were they thinking?
>
> Possibly that bounds checking is an incredible cpu suck, there are a great
> many powerful things you can do in C based on the fact that there is no
> bounds checking (pointers ARE your friend god damnit :P), and in a world
> before buffer overflow exploits it probably didn't matter if Joe Idiot's
> program crashed because he goofed? (hindsight is 20/20)
I think the larger concern at that time was memory capacity. Remember that
only the very largest machines had over 128K.
