Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!



Ask Slashdot: Reviewing 3rd Party Libraries?

dougTheRug Fortify SCA (88 comments)

in my day job I work for Fortify. You can contact the developers of this library and request that they use static analysis product on their software, or request a security review from a 3rd party. We would for sure catch those SQL injections and more. But we would need the original source code. You can probe for things from the binary, but the results don't come back in a way that is very actionable for the developers. As for your predicament: I think you would be better off writing your own library, rather than putting the insecure one to work.

about 8 months ago

Going To Boot Camp

dougTheRug Re:Dual boot? How about virtualization, too! (531 comments)

Which of those products ran hypervisory kernels, or anything like it? I can answer for you: the x86 card.

And although it may have been usable in 1995, it wasn't usable yesterday. Emulation or dual booting was the only option yesterday. I think the Wisconsin Cocksucker's post is pretty interesting.

more than 8 years ago


dougTheRug hasn't submitted any stories.


dougTheRug has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?