Firewall Wizards mailing list archives
Re: FWTK and smap/smapd
From: "Marcus J. Ranum" <mjr () ranum com>
Date: Thu, 18 Jul 2002 17:35:48 -0400
Adam Shostack wrote:
But I think that we need actual audits. I'm starting to think that such audits may be a public good, and worth encouraging the government to spend money on, because lord knows the private sector isn't. (Or at least, they're not sharing.)
You mean like the code audit NSA had done of the fwtk back in ?? (I think it was) - Unfortunately I never had the necessary clearances to learn any of the results. I privately funded an audit by betting Mudge and some of the l0phters that I'd buy them a pint of Guiness for every bug they found - which is why there was a small contingent of blind-dead-drunk software engineers at USENIX in San Antonio a bunch of years later... I don't think audit works: there are more bad programmers than good programmers. So to audit all the code we'd have to stand down all the good programmers - who are the guys who get all the useful coding done anyhow. The entire software industry would collapse. Legend is this may already have happened. mjr. --- Marcus J. Ranum - Computer and communications Security Expertise mjr () ranum com (http://www.ranum.com) _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Code reviews [Was: FWTK and smap/smapd], (continued)
- Re: Code reviews [Was: FWTK and smap/smapd] ark (Jul 23)
- Re: Code reviews [Was: FWTK and smap/smapd] Carson Gaspar (Jul 23)
- Re: Code reviews [Was: FWTK and smap/smapd] Joseph S D Yao (Jul 23)
- Re: Code reviews [Was: FWTK and smap/smapd] Carson Gaspar (Jul 23)
- Re: Code reviews [Was: FWTK and smap/smapd] Darren Reed (Jul 23)
- Re: Code reviews [Was: FWTK and smap/smapd] Joseph S D Yao (Jul 23)
- Re: Code reviews [Was: FWTK and smap/smapd] Darren Reed (Jul 23)
- Re: FWTK and smap/smapd Brian Hatch (Jul 19)
- Re: FWTK and smap/smapd Adam Shostack (Jul 17)
- Re: FWTK and smap/smapd Joseph S D Yao (Jul 17)
- Re: FWTK and smap/smapd Marcus J. Ranum (Jul 18)
- Re: FWTK and smap/smapd Darren Reed (Jul 18)
- Re: FWTK and smap/smapd Charles W. Swiger (Jul 17)
- Re: FWTK and smap/smapd Rick Murphy (Jul 17)
- Re: FWTK and smap/smapd Devdas Bhagat (Jul 17)
- Re: FWTK and smap/smapd Rick Murphy (Jul 17)
- Re: FWTK and smap/smapd Charles W. Swiger (Jul 17)
- Firewalls breaking stuff: [Was re: fwtk] Marcus J. Ranum (Jul 18)
- Re: Firewalls breaking stuff: [Was re: fwtk] Dominik Miklaszewski (Jul 18)
- Re: Firewalls breaking stuff: [Was re: fwtk] Charles W. Swiger (Jul 19)