[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks@...edu)
Subject: Learn from history?
On Wed, 05 May 2004 04:55:12 EDT, Lennart Damm <lennart.damm@...ite.com> said:
> It would be interesting to draw security conclusions from past vulnerabilities and accompanying solutions (patches, etc.).
Here's a classic paper (the original Multics vulnerability analysis by Karger and Schell):
http://www.acsac.org/2002/papers/classic-multics-orig.pdf
Here's their 30-years-later retrospective:
http://www.acsac.org/2002/papers/classic-multics.pdf
Executive summary: We've learned somewhere between diddly and squat from
30 years of experience.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040505/5790b781/attachment.bin
Powered by blists - more mailing lists