[SystemSafety] "Ripple20 vulnerabilities will haunt the IoT landscape for years to come"
Martyn Thomas
martyn at thomas-associates.co.uk
Thu Jun 18 10:21:43 CEST 2020
From the descriptionin the linked article
<https://www.zdnet.com/article/ripple20-vulnerabilities-will-haunt-the-iot-landscape-for-years-to-come/>,
the three most serious vulnerabilities seem to be buffer overflows. Such
errors are easily avoidable but new vulnerabilities will continue to be
built into products until programmers change the way they write and
verify software.
Thousands of development teams have incorporated these library routines
in their products and, unsurprisingly, failed to find the
vulnerabilities in their testing. Yet today, thousands of development
teams will continue to resist using better methods, tools and languages.
As Tony Hoare wrote decades ago: ‘In any respectable branch of
engineering, failure to observe such elementary precautions would have
long been against the law.’
Martyn
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.techfak.uni-bielefeld.de/pipermail/systemsafety/attachments/20200618/0532d114/attachment.html>
More information about the systemsafety
mailing list