Tech Off Thread

4 posts

Forum Read Only

This forum has been made read only by the site admins. No new threads or comments can be added.

Secure Coding

Back to Forum: Tech Off
  • User profile image
    ben2004uk

    Evening C9'ers

    So I am wondering, with C++ security was a big issue which we are all well aware of.

    With .net, I understand that it's secure out of the box.  But is it??

    Can pure, safe C# still get hacked??

    I know applications can still get hacked (bad security/validation model) but is secure coding still an issue??

    For example, should a C#/ASP.net/WPF developer read the Secure Coding book (Recommended MSPress)?

    Your thoughts would be great!!!


    Cheers


    Ben

  • User profile image
    DoomBringer

    Language can help with security, but the skill of the coder is all important.  If you take unclean user input and just throw it at a SQL database, or something, it will be a disaster.  No language is 100% safe, thankfully.

  • User profile image
    PerfectPhase

    ben2004uk wrote:


    Can pure, safe C# still get hacked??



    This is quite amusing http://www.roadtowinfx.com/ddd/2005-10-22_DeveloperDay_session06.wmv

  • User profile image
    ben2004uk

    yeah I was in his sesssion at DDD3.  Really good session, but isn't he using interop to do most of that?? Like the buffer overflow is actually in C++ and not C#.

    The only bit I could see which is a problem with C# is reflection and all the things which come from that (like enabling buttons when you shouldnt be able to), which is more down to poor design than the language.

    I do admit, secure coding is on my to do list of things to learn so I could be way off.

Conversation locked

This conversation has been locked by the site admins. No new comments can be made.