[60088] in North American Network Operators' Group
Re: WANTED: ISPs with DDoS defense solutions
daemon@ATHENA.MIT.EDU (Stephen J. Wilcox)
Thu Jul 31 14:22:18 2003
Date: Thu, 31 Jul 2003 19:21:44 +0100 (BST)
From: "Stephen J. Wilcox" <steve@telecomplete.co.uk>
To: Petri Helenius <pete@he.iki.fi>
Cc: Vadim Antonov <avg@kotovnik.com>, Paul Vixie <vixie@vix.com>,
<nanog@merit.edu>
In-Reply-To: <015001c3578e$e7326d00$812a40c1@PETEX31>
Errors-To: owner-nanog-outgoing@merit.edu
On Thu, 31 Jul 2003, Petri Helenius wrote:
>=20
> > What we need is a new programming paradigm, capable of actually produci=
ng
> > secure (and, yes, reliable) software. C and its progeny (and "program
> > now, test never" lifestyle) must go. I'm afraid it'll take laws which
> > would actually make software makers to pay for bugs and security
> > vulnerabilities in shipped code to make such paradigm shift a reality.
> >
> Blaming the tools for the mistakes programmers make is like saying "guns =
kill people"
> when the truth is that people kill people with guns.
>=20
> We=B4ve code running, where the core parts are C and has a track record b=
etter
> than the "utopian" five nines so many people mistakenly look for.
>=20
> However, since improvements are always welcome, please recommend tools wh=
ich
> would allow us to progress "above and beyond" C and it=B4s deficencies.
We digress but..
Private deployment of software written in C is very different from a major=
=20
public release, especially so when included with source code.
Steve
