APLawrence.com -  Resources for Unix and Linux Systems, Bloggers and the self-employed

If buffer overflows are ever controlled, it won't be due to mere crashes, but due to their making systems vulnerable to hackers. Software crashes due to mere incompetence apparently don't raise any eyebrows, because no one wants to fault the incompetent programmer and his incompetent boss. (Henry Baker found at Pointing the finger at buffer overflows)

This is a deeply disturbing book. I thought things were getting better, that buffer overflows were going away as programmers learn to avoid them. but the authors explain that is an illusion: it's just that the reporting slacked off. They assert that not only do these problems still exist in great numbers, but that they will continue to plague us. The obvious confidence that they *can* break into your system is simply horrifying.

It is hard to believe that programmers keep making the same mistakes over and over again. Buffer overflows have been in the news for years now, every security page has warnings to coders, and almost every new programming book has a section on how NOT to make this kind of mistake. Yet it keeps happening. This book shows what those mistakes are AND how hackers exploit them. Explicitly, in great detail, with little left to your imagination. You need a good understanding of assembly language to get much out of this, but if you do have that background, this is a real eye-opener.

Some of this is a bit of a reach for me (it's been many a year since I did any C or Assembler), but it is fascinating, though in the same sense that watching a tiger stalk you might be: it's scary.

Certainly recommended for people who are writing code today, and I hope more of them pay attention, in spite of the authors opinions that many will not.

  • James C. Foster et al.
  • Syngress
  • 1932266674

book imahe Order (or just read more about) Buffer Overflow Attacks  from Amazon.com

Tony Lawrence 2005-02-01 Rating: 4.0

Got something to add? Send me email.

(OLDER)    <- More Stuff -> (NEWER)    (NEWEST)   

Printer Friendly Version

-> Buffer Overflow Attacks


Inexpensive and informative Apple related e-books:

Take Control of Apple Mail, Third Edition

Take Control of Upgrading to El Capitan

iOS 8: A Take Control Crash Course

Take Control of Preview

Take Control of High Sierra

More Articles by © Tony Lawrence

Sun Jun 1 22:20:47 2008: 4279   BigDumbDinosaur

The object-oriented model makes it easy to build up programs by accretion. What this often means, in practice, is that it provides a structured way to write spaghetti code. (Paul Graham)

My favorite quote. <Grin>

Sun Jun 1 22:36:49 2008: 4280   BigDumbDinosaur

As long as I'm picking on object-oriented languages, I present another apt quote: There are only two things wrong with C++: The initial concept and the implementation. (Bertrand Meyer)


Printer Friendly Version

Have you tried Searching this site?

This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more.

Contact us

Printer Friendly Version

While modern technology has given people powerful new communication tools, it apparently can do nothing to alter the fact that many people have nothing useful to say. (Leo Gomes)

Linux posts

Troubleshooting posts

This post tagged:




Unix/Linux Consultants

Skills Tests

Unix/Linux Book Reviews

My Unix/Linux Troubleshooting Book

This site runs on Linode