Re: Microsoft Outlines New Initiatives in Ongoi ng Security Efforts To Help Customers

["Kenneth R. van Wyk" <ken () vanwyk org>]

On Thursday 09 October 2003 13:50, Dehner, Benjamin T. wrote:
> What is interesting in this article is what Balmer does NOT say.
> Specifically:
> -- code auditing to prevent security problems
> -- Q/A testing of software to detect bugs
> -- testing of patches to prevent patch interaction and over-write
> issues
> -- third party security testing

These all seem to me to be reasonable steps for detecting/preventing/removing 
software implementation flaws, but they don't address design or architectural 
concerns.  That being said, ridding the world of every buffer overflow would 
be a great thing.  But I'm still concerned with design problems.  For 
example, an email program that allows a user to mouse-click on an attachment 
and run it with all of the privileges of the user has a fundamental design 
flaw that removing every single buffer overflow and such won't cure.  
Likewise for architectural flaws.

IMHO, developing safe software must be an engineering process that, among 
other things, includes tests at each phase of the development life cycle.  
Testing source code is just one component of that.

Cheers,

Ken van Wyk
(Co-author, Secure Coding (O'Reilly, 2003), http://www.securecoding.org)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html