Re: Curious questions...

[Kowsik Guruswamy <kowsik () gmail com>]

On 10/24/05, Nick FitzGerald <nick () virus-l demon co uk> wrote:
> Kowsik Guruswamy wrote:
>
> <<snip>>
> > What I'm really leading to is, how can we, as people involved in the
> > security industry, address and fix this gap? Full-disclosure is fine
> > and dandy, but it doesn't get to the root cause early enough.
>
> Addressing that issue is the primary focus of the "Secure Coding"
> mailing list:
>
>    http://www.securecoding.org/list/
>
> Pretty low-volume and tends to be (quasi-)academics and hardened secure
> code developers talking about what has worked and where (in short, you

Yeah, I'm on that list as well. Hard core development and academia
seem to miss out on the deviousness and the inquisitiveness of a good
security expert - good or bad. Isn't that a big part of the problem?

> Now, as this is _fun_sec and that was pretty boring:
>
> > ps: I used to be at Juniper and I was the chief architect for their
> > IDP product line. In that role, I've seen on both sides of the coin
> > (more product development than active vulnerability research though).
>
> So its _you_ we should string up??    8-)

http://www.juniper.net/customers/support/  ;-)

K.

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.