Dailydave mailing list archives

Re: Lame studies that people quote as fact that have no basis in reality and still don't prove anything even if they did


From: "Matt Hargett" <matt () use net>
Date: Wed, 4 Feb 2004 17:37:40 -0800

Matt wrote:
I also think they were referring more towards cases in which new
functionality needs to be added to existing code, or existing
functionality modified to some significant degree. Vulnerabilities
don't tend to fall into either of these categories.

Are you for real? How do you define vulnerability?


Neither of the above imply the software is broken while a vulnerability
does. Software can a) get redesigned or b) have features added without c)
discovering or repairing any vulnerabilities. Both a and b are probably more
expensive than c.

I'm sorry, I thought you were implying that architectural and/or
implementation vulnerabilities in existing code aren't introduced (knowingly
or unknowingly) with refactoring or feature adds. I must've misunderstood
what you were saying. Thanks for the clarification.

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://www.immunitysec.com/mailman/listinfo/dailydave

