Re: Ballmer to crackers: this PC ain't big enough for the both of us

[InfoSec News <isn () c4i org>]

Forwarded from: Russell Coker <russell () coker com au>

On Wed, 17 Sep 2003 18:21, InfoSec News wrote:
> "One area of investment that we're pursuing is what's called
> post-processing of source code to find vulnerabilities, so you
> actually go back and you have tools that look through the source
> code and help identify potential vulnerabilities. And it is true
> that those tools do get dramatically better with each vulnerability
> as we learn and can teach them to help spot whole new classes of
> attacks that come from hackers," Ballmer said.

Excellent point!  Now it should be noted that some OSs (such as Linux
and BSD Unix) have the source available for anyone to "post process",
while some OSs (such as Windows) do not have the source available.

So if anyone wants to do research in methods of pro-actively finding
security holes then they can't use Windows.  With Windows you are
limited to what MS can achieve...

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.