Secure Coding mailing list archives

Dark Reading - Discovery and management - Security Startups Make Debut - Security News Analysis

From: BlueBoar at thievco.com (Blue Boar)
Date: Mon, 22 Jan 2007 15:10:33 -0800

ljknews wrote:

Analyzing source code is independent of machine architecture.

My guess is that if a company actually is capable of analyzing
binary code they only do it for the highest volume instruction
sets.

My guess is that attackers will go after machines they feel are
less protected.

Efforts which merely change attacker behavior are a waste of time.


Nope. If I'm running x86 boxes, I'd be more than happy to have to
attackers move to SPARC.

Besides, once a bug is found in the x86 binary, the problem gets fixed
in the source and/or compiler.

                                        BB

Current thread:

Dark Reading - Discovery and management - Security Startups Make Debut - Security News Analysis Kenneth Van Wyk (Jan 22)
- Dark Reading - Discovery and management - Security Startups Make Debut - Security News Analysis ljknews (Jan 22)
  - Dark Reading - Discovery and management - Security Startups Make Debut - Security News Analysis Blue Boar (Jan 22)
    - Dark Reading - Discovery and management - Security Startups Make Debut - Security News Analysis ljknews (Jan 22)
  - Dark Reading - Discovery and management - Security Startups Make Debut - Security News Analysis Crispin Cowan (Jan 24)
    - Dark Reading - Discovery and management - Security Startups Make Debut - Security News Analysis ljknews (Jan 27)
  - Dark Reading - Discovery and management - Security Startups Make Debut - Security News Analysis der Mouse (Jan 25)
- Dark Reading - Discovery and management - Security Startups Make Debut - Security News Analysis Chris Wysopal (Jan 22)