10 December 2001
David Larochelle
3
Why aren’t we better off than we
were 13 years ago?
•Ignorance
•C is
difficult to use securely
–Unsafe
functions
–Confusing
APIs
•Even security aware programmers make mistakes.
•Security Knowledge has not been codified into the development process