| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 01 Dec 2008 10:27:29 -0600 From: rholgstad <rholgstad@...il.com> To: Mike C <mike.cartall@...il.com> Cc: full-disclosure@...ts.grok.org.uk, vulcanius <vulcanius@...il.com> Subject: Re: Project Chroma: A color code for the state ofcyber security and how does making a color based on these inputs protect people? Mike C wrote: > On Mon, Dec 1, 2008 at 4:21 AM, vulcanius <vulcanius@...il.com> wrote: > >> By the way, I also noticed that the new site for your project has the >> current threat level as yellow. Is it safe to assume that you've already got >> your metric systems in place and running? >> >> > > Yes, > > We do have a working framework for color code generation. The inputs > to this function include > > *exploits released in the past week > - The severity of the exploit > - The application it was in > - The language > - estimated users of the software > > *The previous week's color > > *Localized nature of exploits. > > We cannot comment more on this until it is refined and standardized. > If you are (or know) an antivirus vendor, please contact me offline to > move ahead. > > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists