| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Pine.GSO.4.43.0311031157400.28583-100000@tundra.winternet.com> From: dufresne at winternet.com (Ron DuFresne) Subject: Re: Gates: 'You don't need perfect code' for good security [SNIP] > > It wasn't a general statement on MS security, though it was ambiguous enough. > He mixed a lot of generalisms (layered security, Windows a target because it > is more widely deployed) with a lot of non-sequitur specifics (Win2K3 hasn't > seen a lot of exploits [duh! it isn't widely deployed! See the last > sentence!] > The "target due to large deployment" argument takes on less significance when one considers that most every site has at least one 'router' and cisco dominates that realm, yet, the targeting of successful cisco exploits is certainly tons smaller then most the sploits that target desktops. And I use the term 'desktops' specifically, as most corps will find their 'servers' seldom sploited like their desktop env's. Even those places that use alot of windows systems as 'servers'. Thanks, Ron DuFresne ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart ***testing, only testing, and damn good at it too!*** OK, so you're a Ph.D. Just don't touch anything.
Powered by blists - more mailing lists