There's no excuse for the security problems in Windows NT, but after following computer-security issues and using Unix (as well as NT) for some time, I'm surprised to see Unix being held up as a standard. Many of the same sorts of flaws discussed in the article "Déjà Vu All Over Again" are still present in Unix 25 years later. (See
ftp://info.cert.org/pub/cert_advisories.)
And because the flaws are so obvious, no one even bothers to talk much anymore about how the configuration of typical Unix-based NFS servers leaves them expose
d to the simplest kinds of attacks, including those that can result in the destruction of data. By default, NFS servers simply trust -- without requiring any cryptographic or password-based proof of identity -- that their clients are who they say they are. The computer industry and computer users have a long road ahead of them to reach the goal of a truly secure computing environment.
Nathaniel Mishkin
mishkin@worldnet.att.net
Flexible C++
Matthew Wilson
My approach to software engineering is far more pragmatic than it
is
theoretical--and no language better exemplifies this than C++.
BYTE Digest editors every month analyze and evaluate the best articles from Information Week, EE Times, Dr. Dobb's Journal, Network Computing, Sys Admin,
and dozens of other CMP publications—bringing
you critical news and information about wireless communication,
computer security, software development, embedded systems,
and more!
Same Nightmare, Different Bed
