Dailydave mailing list archives

Re: Lame studies that people quote as fact that have no basis in reality and still don't prove anything even if they did


From: "Anton A. Chuvakin" <anton () chuvakin org>
Date: Wed, 4 Feb 2004 10:33:19 -0500 (EST)

> This is crap. If you spend your whole life looking for security bugs in
> your product, then you find them. Continuously. You'll end up finding at

It well might be crap (I personally don't know), but I think his main
point was:

"Yes, it's faster and cheaper to design security into software than bolt
it on afterward. But it's even fasterer and cheaperer to build crappy
software to get the project rolled out immediately, please your boss and
help the company make its quarterly number. Guess which path most
organizations will always take."

rather than whatever "6.5" times numbers to compare before and after QA.

Best,
-- 
Anton A. Chuvakin, Ph.D., GCIA, GCIH
     http://www.info-secure.org
   http://www.securitywarrior.com

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://www.immunitysec.com/mailman/listinfo/dailydave

