lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
From: rms at computerbytesman.com (Richard M. Smith)
Subject: Wired.com: So Many Holes, So Few Hacks

So Many Holes, So Few Hacks  By Michelle Delio 
http://www.wired.com/news/infostructure/0,1377,56955,00.html

Experts who discover and report security holes seem to be far more
industrious than the malicious hackers willing or able to exploit those
holes. 

Despite the thousands of hackable holes that lurk in e-mail, on
websites, in files and operating systems, most users' computers are
never afflicted with more than the virtual version of a sniffle. 

Few of the ominous potential traumas reported in 2002 turned out to have
any real impact on most computer users. The Klez virus infected some
machines and spawned spam that continues to clutter many e-mail inboxes.
And the Linux Slapper worm made more work for some systems
administrators for a while. 

The rest of 2002's reported security holes appear to have languished,
unexploited. 

Some security experts suggest that malicious code attacks do happen but
are dismissed by most users as just another wonky Windows software
crash. But those same experts also cheerfully confess that most exploits
aren't all that exploitable, and that the security industry profits by
stirring up fear and frenzy. 

Experts also wonder whether they and their colleagues devote entirely
too much time to pouring over program code looking for possible
exploits. 

.....

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ