Full Disclosure mailing list archives
Re: PFW and Program Correctness
From: "Clairmont, Jan" <JMC13 () mail3 cs state ny us>
Date: Fri, 16 Jan 2004 12:12:09 -0500
Vulnerabilities are impossible to entirely eliminate, just as proving correctness of an algoritm, Knuth and others, errors exponential increase as the code increases. They will never get any code completely bug or security flaw free. And the more people use the systems the more things or problems will come out. Expecting MS or Linux or Solaris to get it all out is an insane requirement. I do expect adequate QA testing, and doing security pen testing is the minimum, but that won't always cut it, that why there is customer beta testing. I suppose working on the internet is like driving on a busy highway, hopefully your experienced drivers can avoid the MAC trucks. But some accidents just become unavoidable and the novice drivers get into the most accidents... It's experience and safe habits, buckle your seat belt baby you're in for a helluva ride. Jan Clairmont LDAP and Solaris Admin. Consultant _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: PFW and Program Correctness Clairmont, Jan (Jan 16)
- <Possible follow-ups>
- RE: PFW and Program Correctness Clairmont, Jan (Jan 16)