Re: How T-Mobil's network was compromised

[Frank Knobbe <frank () knobbe us>]

On Sun, 2005-02-20 at 21:26 +0200, Willem Koenings wrote:
> Yes, and thats why i said, that original quote is not always true
> because it is differently understandable. If i know one specific flaw
> or vulnerability, then i specifically can test against presence or
> absence of  that specific flaw or vulnerability.

hehe... no, no. The quote said "flaws". Not a specific one. Flaws are
errors as we know them. You can test for the presence of the ones we
know, the specific ones. And you can test for the absence of these
specific ones. But you can't test for the absence of any flaw. That
would be akin to testing the presence of anti-flaws. What is a
non-error? A non-flaw? It's a non-existing flaw, it doesn't exist. If
could define and measure that to the extent that you can test for it,
then Dijkstra can be proved wrong :)

Until then the invert of presence of flaws is absence of flaws. And we
can only test for the former.

Cheers,
Frank

Attachment: signature.asc
Description: This is a digitally signed message part

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html