Unicode cannot be secure---B. Schneier
Posted Feb 19, 2004 15:28 UTC (Thu) by Max.Hyre
In reply to: Unicode bugs
Parent article: The kernel and character set encodings
Well, that should get their attention. :-) The exact wording
was ``Unicode is just too complex to ever be secure.''
In his July 2000 Crypto-gram article
Unicode, Schneier points up the failures we've had dealing with
ASCII control characters, escape sequences, different semantics at
different levels of the application (think writing a
command to grep for a particular
grep regular expression),
and concludes that with Unicode it's not merely hard, it's effectively
I don't know enough about Unicode to argue the details, but it
certainly made me sit up and take notice.
to post comments)