Full Disclosure mailing list archives

Re: How secure is software X?

From: Blue Boar <BlueBoar () thievco com>
Date: Fri, 12 May 2006 09:09:03 -0700

Brian Eaton wrote:

On 5/11/06, Blue Boar <BlueBoar () thievco com> wrote:

Don't we fairly quickly arrive at all products passing all the standard
tests, and "passing" no longer means anything?


I believe that point is called "success."

I was thinking more like all their "security" efforts only went tomaking sure the test reports clean, and they get declared "secure". Nowyou have two products that pass the tests regardless of relativesecurity, or whether one of them was carefully developed with securityin mind. Not my definition of success.


                                        BB

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

How secure is software X? David Litchfield (May 11)
- Re: How secure is software X? Michael Silk (May 11)
  - Re: How secure is software X? David Litchfield (May 11)
- Re: How secure is software X? Blue Boar (May 11)
  - Re: How secure is software X? Brian Eaton (May 12)
    - Re: How secure is software X? Blue Boar (May 12)
    - Re: How secure is software X? Brian Eaton (May 12)
    - Re: How secure is software X? sebastian . rother (May 12)
  - Re: How secure is software X? Lucien Fransman (May 12)
  - Re: How secure is software X? Lucien Fransman (May 12)
    - Re: How secure is software X? Roman Medina-Heigl Hernandez (May 13)
    - Re: How secure is software X? Valdis . Kletnieks (May 13)
- Re: How secure is software X? Adam Shostack (May 12)
- Re: How secure is software X? Tim Newsham (May 12)
- Re: How secure is software X? Paul B. Saitta (May 12)
- <Possible follow-ups>
- RE: How secure is software X? Ferguson, Justin (IARC) (May 12)

(Thread continues...)