Re: Anonymized Question for *

[H D Moore <hdm-daily-dave () digitaloffense net>]

With tools like IDA and Halvar's bindiff code, having access to the source 
code is no longer as significant advantage as it used to be. Anyone who 
has tried using the available source code scanners can testify that bugs 
which were missed by the scanners could easily by found through fuzzing 
and reverse engineering techniques. Due to advancements in compiler 
development, the source code may not accurately reflect the compiled 
product anyways. With that being said, having the source code to an 
application makes exploit development so much simpler... 

$question = <<END_QUESTION
Does Microsoft's Government Security Program (GSP), which gives access
MS source code to participating governments, make it significantly
easier for those governments' intelligence services to find
vulnerabilities in Microsoft products?

**Assumption: Most GSP participants would share the MS source code with
their intelligence services...

**URL: http://www.linuxinsider.com/perl/story/33504.html
END_QUESTION
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://www.immunitysec.com/mailman/listinfo/dailydave