Who Put Security Peanut Butter In My VC Chocolate?

Dave G. | February 26th, 2007 | Filed Under: Disclosure

I read VC blogs. I am not ashamed of it. But I was a little weirded out when I was reading Feld Thoughts and saw a post titled “What’s Special About 2,147,483,649?”.

It actually links to a post about Newsgator’s Inbox product that had an integer overflow in their post id code. It seems the author is unaware of the security implications of integer handling problems.

Why am I telling you the gory details? One - you should know why you need to upgrade. Two - the problems of Y2K aren’t just about dates.

I graduated college in 2001, and though I was very well schooled in the problems of the Y2K bug, I always equated it to a problem with dates and not data in general… and as any developer will tell you, until you get really bitten by a bug like this its not something that’s front of mind.

Hopefully my experience will make other developers more aware!

Sadly, the experiences of every major vendor getting slammed by these bugs hasn’t made more developers aware.