[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1147461153.18341.5.camel@matrix>
Date: Fri, 12 May 2006 21:12:32 +0200
From: Fabian Becker <neonomicus@....de>
To: bugtraq@...urityfocus.com
Subject: Re: How secure is software X?
Dear David
in my opinion a software can either be secure or not secure.
I think it's a bit like a woman cannot be "a bit pregnant".
But the protocol you are talking about can be used to tell the secure
from the insecure pieces of software. By applying a test for these rules
against systems, security will definitely be enhanced since software
brandmarked with "insecure" will simply loose it's value.
Another question is how to verify that authors check their own software?
If they do not do it by now, why then? The only reason I could imagine
would be a raise in value by beeing able to say "My software is a tested
'secure' one".
My 2cts :)
Bye
Fabian Becker
Powered by blists - more mailing lists