RE: anonymized

["Mike Bailey" <mike.bailey () sunbladesecurity com>]

> I think it's perfectly valid to fault these guys.  Just 
> because they are marketing a product and have a web site and 
> P-R folks is no reason I have to assume they are selling a 
> product that works.  There's no real data to suggest their 
> product works, that I noticed.  
>
> Security by obscurity is a bad thing.

VERY TRUE! I never said it worked or defended it. My comments are that
business doesn't care about working or not as long as it sells and they'll
use whatever tactic they can to get the sales.  I'm just saying that the
hype "may" embarrass and upset the devs as much as anyone else and unless
they're too full of themselves to know better.

> Yeah and drug company execs would market horse poop in pill 
> form if they could convince 60 year old guys it would make 
> them better with their
> 22 year old dates.  That's why you want it tested, for some 
> value of tested.  (P.s. buying Canvas and using that for 
> testing would be a fine example.)

TRUE AGAIN! It's not much to ask. At least it's an overt effort to
demonstrate they care. They should send a couple of people to class to learn
how to use the tools as well.  Still not asking very much..

> There is.  It's called the technical publications media.  I 
> do reviews for them.  Lots of other people do too.  We try to 
> document crap when it's crap.

I mean the standardized format. Not just "a" review but a buyers guide
system that lists how the performance goes over time using the same criteria
for all products. I know it's easier to say than do with software revisions
new products, obscuring function with form and so on..

   

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://www.immunitysec.com/mailman/listinfo/dailydave