Greater than 90% of all the security issues currently out there have to do with sloppy programming. Buffer overflows and address book accessing viruses should be impossible if input is properly validated and attachments not permitted to execute without validation. If software companies really had the customers best interests at heart they would create good software and not hide behind a liability exemption.
Any hardware will have a software interface that WILL be vulnerable unless changes are made to the way that software is produced and tested. Currently, I liken Microsoft to an art restorer that has managed to destroy every work it is asked to restore. Now, with Palladium they want to 'restore' the Mona Lisa and tell us not to worry.
For some reason, I'm not reassured.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/93/13730#13730