WebApp Sec mailing list archives

Re: Code Complexity vs. Security

From: Gunnar Peterson <gunnar () arctecgroup net>
Date: Fri, 23 Jul 2004 21:25:20 +0000

Dan Geer's Blackhat Windows keynote talk last January charted lines of code 
against vulnerabilities over time. LOC is not complexity per se, but it is an 
indicator.

Quoting Mark Curphey <mark () curphey com>:

Has anyone seen any good studies that analytically compare the security
quality of code to code complexity ?

Current thread:

Code Complexity vs. Security Mark Curphey (Jul 23)
- Re: Code Complexity vs. Security Gunnar Peterson (Jul 23)
  - Message not available
    - Re: Code Complexity vs. Security David King (Jul 25)
    - Re: Code Complexity vs. Security Suha Demir CAN (Jul 25)
    - Re: Code Complexity vs. Security athena (Jul 26)
    - Re: Code Complexity vs. Security Ed Moyle (Jul 26)
    - RE: Code Complexity vs. Security Mark Curphey (Jul 25)
    - Re: Code Complexity vs. Security Adam Shostack (Jul 25)
- <Possible follow-ups>
- RE: Code Complexity vs. Security Michael Silk (Jul 25)
  - Re: Code Complexity vs. Security Skip Carter (Jul 26)
- RE: Code Complexity vs. Security Wolf, Yonah (Jul 26)
- RE: Code Complexity vs. Security Calderon, Juan Carlos (GE Commercial Finance, NonGE) (Jul 26)

(Thread continues...)