Actual quote from the CTO of a company that makes some security-related software (it's a major selling point) for a specific sector. They probably have over a hundred million people using this stuff day-to-day, indirectly, and hundreds of direct, large customers. Security bypass can easily cost hundreds of thousands a month.
I had found a backdoor in their platform, so I asked if they had such basic holes, how they managed to write a large C-based app securely. Like, buffer overflows, for example.
CTO/head of development replied: "Buffer overflows? Probably not an issue, unless the network is really fast." Cringe.