Three computer bugs this year exposed passwords, e-mails, financial data, and other kinds of sensitive information connected to potentially billions of people. The flaws cropped up in different places-the software running on Web servers, iPhones, the Windows operating system-but they all had the same root cause: careless mistakes by programmers. Each of these bugs-the "Heart-bleed" bug in a program called OpenSSL, the "goto fail" bug in Apple's operating systems, and a so-called "zero-day exploit" discovered in Microsoft's Internet Explorer-was created years ago by programmers writing in C, a language known for its power, its expressiveness, and the ease with which it leads programmers to make all manner of errors. Using C to write critical Internet software is like using a spring-loaded razor to open boxes-it's really cool until you slice your fingers.
展开▼
机译:今年发生了三起计算机漏洞,它们暴露了与潜在的数十亿人相关的密码,电子邮件,财务数据和其他类型的敏感信息。这些缺陷遍布不同的地方-在Web服务器,iPhone,Windows操作系统上运行的软件-但它们都有相同的根本原因:程序员的粗心大意。这些错误中的每一个都是在几年前创建的,这些错误是称为OpenSSL的程序中的“ Heart-bleed”错误,Apple操作系统中的“ goto fail”错误以及在Microsoft Internet Explorer中发现的所谓的“零时漏洞”。通过使用C语言编写的程序员,C语言以其强大的功能,表达能力以及引导程序员犯下各种错误的容易程度而著称。使用C编写关键的Internet软件就像使用弹簧剃须刀打开盒子一样,直到切成薄片之前,它真的很酷。
展开▼
