Full Disclosure mailing list archives

Re: Sidewinder G2


From: David Maynor <dave () 0dayspray com>
Date: Tue, 18 Nov 2003 14:10:56 -0500

On Tue, Nov 18, 2003 at 02:50:13PM -0500, Valdis.Kletnieks () vt edu wrote:
"Testing can prove the presence of flaws, but not their absence" -- Dijkstra.

The same exact logic of why a crypto challenge doesn't prove anything
applies to a firewall challenge as well.

Let's take an example. I have firewall A that uses crypto method B.
Cryptanalysis against B will not prove that the firewall implemented it
properly. On the flip side, failing to compromise the firewall will not
prove that method B is sound.

The logic may be the same but the implementation of the logic is
different. The reasons that were mentioned in the article apply to
crypto far more than vulndev of products.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

