Interesting Thoughts on Microsoft and Security

The Microsoft PDC is over. The entire day was spent on security, and I'll have a lot to say about it in the column. Brian Livingston's comment was “I always thought Windows was insecure, but after this morning I am terrified.”

I came away with a somewhat different view, which will go in the column. I do think the day confirmed what I have said for years: we took a wrong turn when we adopted C and C++ as system programming languages rather than Pascal / Modula-2. As far as I can see, the remedy to many of the security vulnerabilities is to revert to languages with strong typing, with range checking and type checking at compile time. They are planning to do that Real Soon Now for later versions of Windows.

C will compile anything: it's an assembler, not a language. It's possible to write secure code in C, I suppose, but I am not sure anyone has done it, and to do it you have to simulate the compiler in your head as you write code. I'd rather let the compiler catch errors.

Strong typing, type checking, and range checking would certainly have eliminated most and probably all the buffer overflow vulnerabilities.
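As an added illustration of that point (this is not code from the column), here is the range check a Pascal or Modula-2 compiler inserts for you, written by hand in C: a bounded string copy that refuses input that does not fit, and a checked array store. The NAME_LEN buffer size and the function names are assumptions made for the example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define NAME_LEN 16   /* assumed fixed-size buffer, typical of C code of the era */

/* What C accepts without complaint: nothing checks that src fits in dst,
 * so a long src overruns the buffer. Kept only for contrast; never called. */
void set_name_unchecked(char *dst, const char *src) {
    strcpy(dst, src);
}

/* Same operation with the range check a Pascal/Modula-2 compiler would add
 * automatically. Refuses (and leaves dst untouched) if src plus its
 * terminating NUL does not fit in dst_len bytes. */
bool set_name_checked(char *dst, size_t dst_len, const char *src) {
    size_t n = strlen(src);
    if (dst_len == 0 || n >= dst_len) {
        return false;
    }
    memcpy(dst, src, n + 1);   /* n + 1 <= dst_len, so the write is in bounds */
    return true;
}

/* Checked array indexing, the run-time range check C leaves out. */
bool store_byte(unsigned char *buf, size_t buf_len, size_t idx, unsigned char v) {
    if (idx >= buf_len) {
        return false;          /* out of range: refuse instead of corrupting memory */
    }
    buf[idx] = v;
    return true;
}

/* Exercises both checked functions on constructed inputs. Returns 0 when every
 * step behaves as expected, otherwise the number of the first failing step. */
int run_checks(void) {
    char name[NAME_LEN];
    unsigned char raw[4] = {0};
    if (!set_name_checked(name, sizeof name, "Pournelle")) return 1;
    if (strcmp(name, "Pournelle") != 0) return 2;
    if (set_name_checked(name, sizeof name, "AAAAAAAAAAAAAAAAAAAA")) return 3;  /* 20 chars */
    if (strcmp(name, "Pournelle") != 0) return 4;   /* refused copy must not touch dst */
    if (!set_name_checked(name, sizeof name, "123456789012345")) return 5;   /* 15 + NUL fits */
    if (set_name_checked(name, sizeof name, "1234567890123456")) return 6;   /* 16 + NUL does not */
    if (!store_byte(raw, sizeof raw, 3, 0x7f) || raw[3] != 0x7f) return 7;
    if (store_byte(raw, sizeof raw, 4, 0x7f)) return 8;        /* index 4 is past the end */
    return 0;
}

int main(void) {
    printf("range checks: %s\n", run_checks() == 0 ? "all passed" : "FAILED");
    return 0;
}
```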

Ah well. I said all this 20 years ago. [Jerry Pournelle: Computing at Chaos Manor]
