Re: I have a 0-day exploit, but don't want to tell you what it is
Re: I have a 0-day exploit, but don't want to tell you what it is
- Subject: Re: I have a 0-day exploit, but don't want to tell you what it is
- From: Michael Crawford <email@hidden>
- Date: Tue, 30 Jul 2013 13:10:12 +0000
Jeffrey,
> Read John Robbin's Debugging Applications.
Thanks for the tip. I'll check it out.
What I usually do in practice, is to use C++, but then get most of it
right at the very first try.
In My Honest Opinion, C++ is the very best language for writing
reliable code, or if it has to be buggy, for writing source that is
easy to debug.
C++'s reputation is absolutely terrible. That results, for the most
part, from it being traditionally taught by teach C first, then
introducing C++ as a "A Better C", then later "C With Objects", and so
one, incrementally, with the C++ language as a whole not being really
considered until much later.
If one approaches it that way, one will never get the bugs out of
one's source. C++ is designed to be used a certain way; if it's
actually used that way, it's very easy to work with, but the way that
C++ wants to be used, is not the way it is commonly taught.
I had a really, really hard time figuring out how to get the bugs out
of my Objective-C code. I wrote Warp Life for iOS with Cocoa Touch
and almost all Objective-C, with just a little bit of C, mainly
because I wanted to learn Cocoa Touch and Objective-C. But now,
having actually learned them, I would rather use C++ than Objective-C.
I attended a talk at the 2008 WWDC, where the original iPhone SDK was
opened up to us third-party developers, in which an Apple engineer
actually said one could freely mix Objective-C and C++. I very nearly
started shouting at him when he made that claim. Really now I wish
that I had actually done so.
I don't want to go into the details just now, but there are all kinds
of reasons you _do_ _not_ want to freely mix the two languages. I am
able to contemplate all manner of ways to usefully combine the two
languages into a single executable, but all those ways involve
carefully structuring the relationship between the two, and not at all
freely mixing them.
I am in general a good coder, and I like writing software, but in most
other respects I do not like the actual work of most software
engineering. For one, I regard the computer industry as a whole to be
a corruption-ridden cesspool. For the most part I have the utmost
regard for my direct coworkers, but not so for many of those in
positions of power, or for those who supply the financing that makes
our industry go.
That's why, despite having come up with all manner of ideas that I
could obtain financing for, I have never in my life approached a
Venture Capitalist for funding. In general, I avoid so much as
applying to Venture-backed companies.
For quite a long time now, I have come to regard writing and teaching
to be my true calling. I enjoy them both more, and feel that I am
better at both writing and teacher than I am at actually writing code.
But given that I've worked as a coder for most of my career, I do feel
I have a great deal to contribute by writing about how to be a better
programmer, in this particular thread, by writing about how to fix
security holes through the use of more-effective testing and debugging
techniques.
I'll go mark up my original post in HTML now, then should be able to
post it at my site within the hour. Again it will be at:
http://www.warplife.com/tips/code/security/fix-everything/
Again there is a great deal more that I feel I should say, but rather
than trying to say it all at once, I feel it would be more effective
to carry out a discussion over an extended period of time, not just
here on xcode-users, but also on other lists or discussion sites that
I'm a member of, with the best resulting ideas being distilled into my
article.
Ever Faithful,
Mike Crawford
email@hidden
http://www.warplife.com/
Available for mobile development work in our near Portland, Oregon.
On Tue, Jul 30, 2013 at 10:40 AM, Jeffrey Walton <email@hidden> wrote:
> On Tue, Jul 30, 2013 at 5:42 AM, Michael Crawford <email@hidden> wrote:
>> ...
>>
>> Of all the things I know how to do with computers, I am the very best
>> at debugging code. I credit this in large part to Robert Ward's book
>> "Debugging C". I read the first edition; there is a second edition
>> with a somewhat different title that I have not read it.
> If you are still debugging your code - rather than letting the code
> debug itself - then you have too much time on your hands ;) I believe
> the consultants call it "an opportunity for improvement."
>
> Read John Robbin's Debugging Applications. Its written for Windows and
> its C-based API, but it applies to nearly all platforms and languages.
> He'll teach you how to write self debugging code.
>
> Jeff
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Xcode-users mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden