Firewall Wizards mailing list archives

Re: Penetration testing via shrinkware


From: David Collier-Brown <davecb () canada sun com>
Date: Wed, 23 Sep 1998 12:14:04 -0400

Marcus J. Ranum wrote:

Richard Christie wrote:
What you're really driving at, Marcus, is developing software in a trusted manner.
Companies developing Firewall software should be evaluated by SEI for a
Capability Maturity Model (CMM) rating.


Marcus J. Ranum wrote:
ARrrggghhHH!!!!
More formalistic nonsense scams! Does someone's ability to
predictably generate documentation really correlate to their
ability to produce a good product that works?? The SEI evaluation
may have some validity, but it strikes me more like an attempt
to do one of those ISO9000-oid certification scams.


        SEI is trying for reproducibility, to oversimplify slightly.
        This is an orthogonal, if similar, goal to trustable development.

        I wouldn't expect to find any causal relationships between
        the two: more like both will be caused by a third factor.

--dave
-- 
David Collier-Brown,  | Cherish your enemies.  They're harder to
185 Ellerslie Ave.,   | come by than friends and more motivated.
Willowdale, Ontario   | davecb () canada sun com, hobbes.ss.org
N2M 1Y3. 416-223-8968 | http://java.science.yorku.ca/~davecb


