Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

(no subject)

From: "Robin Landis" <rebl () operamail com>
Date: Thu, 01 Jul 2004 19:26:00 +0100
-> The very same people are finding these big bugs. It is not like there are a whole ton of unexperienced people 
finding these bugs. These are the best. They are experts at finding them. They may not always be cognizant of this 
themselves, the act of finding them may not seem difficult to them, but it is -- and this is clearly shown by the fact 
that the same people keep finding these bugs.

I contend that the fact that the very same people are reporting bugs does not mean that they are the only ones finding 
them.  Nor does it mean that only an expert might find them.  Nor does it mean that all experts would be inclined to 
report them.

Using any operating system that is 1) not obcessed with backward compatibility to the point that old vulnerabilities 
are retained forever, and 2) does not force users and servers alike to run unnecessary applications, and 3) is deployed 
by a company that manages its software development lifecycle in a manner that ensures all the various programmers are 
applying security patches to all the various versions under development, would be a big improvement.  Microsoft might 
someday become such a company....XP SP2 being a start.

And then you could look at how IE handles security zones...
Whether the new search tool will be another "built-in"...

Robin
-- 
_____________________________________________________________
Web-based SMS services available at http://www.operamail.com.

From your mailbox to local or overseas cell phones.


Powered by Outblaze

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: