>> As far as I can tell, 98% of all security issues are buffer overruns - >> trivially fixable, yet nobody seems to think it's necessary.> > The three biggest are buffer overruns, SQL injection, and XSS injection.
Not for desktop applications, I'd suspect. (Injection attacks are
typically more applicable to websites.)
--
http://blog.orphi.me.uk/
http://www.zazzle.com/MathematicalOrchid*
