Tune XP - tune-up, tweak and optimize your Windows XP!
  
  
    Home   Products   Download   Purchase   News   Tips and Tweaks   FAQs
OOKO Search
Smart search for shareware and freeware
Backup
Completely protect yourself from fatal system failure
Security and Privacy
Enhance your security and protect your privacy
PC Monitoring
PC monitoring and surveillance software
Disk Management
Tune-up, tweak, optimize, fix problems on your hard disk
Password Recovery
Recover forgotten or lost passwords
System Tweaking
Tune-up, tweak and optimize your Windows system

How Code, Market Share Affect OS Security
The title of the column "Security Isn't Just Avoiding Microsoft" [Opinion, May 7] is somewhat true but far from being the answer when selecting a platform for your corporation.

C variants like C++ and C# are commonly used to develop Windows and applications for Windows. Legacy programming languages such as Cobol, however, provide strict enforcement of data field formats, movement and data-typing in results. An alphanumeric move from one field to another would always truncate or space-fill, respectively, the receiving field if it was a different length. Other “quirks” were also defined by the language, which defined the results of operations, or at least specified that the results may be undefined. The languages and tools commonly used to develop Windows and Web applications do not incorporate many of the features provided by mainframe languages. When combined with the possibility of overlooking the edit/validate data entry step, it is no wonder applications worked fine with correct data but failed when used with invalid or improper data.

While optional libraries have been produced that add many of the legacy languages’ data movement and data-typing features and thereby reduce some of the buffer overflows and similar vulnerabilities, when combined with additional programmed validation coding, a problem still exists in the Windows environment: It is designed to function like a C++ program that implements “operator overloading.” Difficult enough to design and implement in a single application, it’s impossible to control in an execution environment where there is a mix of languages, compilers, programs, scripts, functions and DLLs developed by third parties. Though your application might use the new libraries and coding to protect itself from stack overflows, what of the other programs/scripts/functions/DLLs? The Registry may control the dynamic invoking of “type to function/application/program/DLL/etc.,” and any application could replace another DLL or function. What guarantee is there that any other application, without those protections, hasn’t preempted the defaults you developed with?

I find it amazing that there are so few application or security problems with Windows.

Go back Go Back

Source: Computerworld.com

Tune XP CD-ROM
Give your computer a chance to show all of its potential with this new Tune XP collection of Windows XP tips and software, which will help you manage, secure, backup and tweak your system for good. This package will bulletproof your computer from many potential disasters and teach you more about your PC.

Learn more
Order TuneXP CD

What's Hot

Acronis DriveCleanser
Acronis PartitionExpert 2003
Ashampoo WinOptimizer Suite
Handy Backup
iOpus Password Recovery XP
SpyAgent
SpyBuddy
     Privacy Policy  |   Contact Us  |   Add to Favorites
     Copyright © 2003 Softpile Software