Full Disclosure mailing list archives
Re: Learn from history?
From: Valdis.Kletnieks () vt edu
Date: Wed, 05 May 2004 13:59:26 -0400
On Wed, 05 May 2004 04:55:12 EDT, Lennart Damm <lennart.damm () excite com> said:
It would be interesting to draw security conclusions from past vulnerabilities and accompanying solutions (patches, etc.).
Here's a classic paper (the original Multics vulnerability analysis by Karger and Schell): http://www.acsac.org/2002/papers/classic-multics-orig.pdf Here's their 30-years-later retrospective: http://www.acsac.org/2002/papers/classic-multics.pdf Executive summary: We've learned somewhere between diddly and squat from 30 years of experience.
Attachment:
_bin
Description:
Current thread:
- Learn from history? Lennart Damm (May 05)
- RE: Learn from history? Alerta Redsegura (May 05)
- Re: Learn from history? Valdis . Kletnieks (May 05)
- <Possible follow-ups>
- RE: Learn from history? Serge van Ginderachter (svgn) (May 05)
- RE: Learn from history? Alerta Redsegura (May 05)
- RE: Learn from history? full-disclosure (May 05)
- RE: Learn from history? Stuart Fox (DSL AK) (May 05)
- RE: Learn from history? Alerta Redsegura (May 05)
- RE: Learn from history? Stuart Fox (DSL AK) (May 05)
- Re: Learn from history? Ondrej Krajicek (May 06)
- RE: Learn from history? Serge van Ginderachter (svgn) (May 06)
- RE: Learn from history? Alerta Redsegura (May 06)
- RE: Learn from history? Ferris, Robin (May 06)
(Thread continues...)