•The computer (or programmer) should check the size of the buffer before trying to put all of the data into it.
•Popular languages like C/C++ don’t automatically check the bounds of the buffer.
•Programmers who use C/C++ are responsible for performing this check. Often they don’t.
•Programming shops often don’t use checklists to spot this type of error, and testers often don’t think of trying to make buffer overflows show up.
•Answer: Modern software practice is sloppy, and buffer overflows get through (see the life cycle).