LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 24, 2012

A uTouch architecture introduction

LWN.net Weekly Edition for May 17, 2012

Tasting the Ice Cream Sandwich

Highlights from the PostgreSQL 9.2 beta

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Unicode cannot be secure---B. Schneier

Unicode cannot be secure---B. Schneier

Posted Feb 19, 2004 15:28 UTC (Thu) by Max.Hyre (subscriber, #1054)
In reply to: Unicode bugs by simonl
Parent article: The kernel and character set encodings

Well, that should get their attention. :-) The exact wording was ``Unicode is just too complex to ever be secure.''

In his July 2000 Crypto-gram article on Unicode, Schneier points up the failures we've had dealing with ASCII control characters, escape sequences, different semantics at different levels of the application (think writing a bash command to grep for a particular grep regular expression), and concludes that with Unicode it's not merely hard, it's effectively impossible.

I don't know enough about Unicode to argue the details, but it certainly made me sit up and take notice.

(Log in to post comments)

Copyright © 2012, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds