[<prev] [next>] [day] [month] [year] [list]
Message-ID: <CB1F49F2B508604292985807CF68F5F505953802@CSEXCHANGE.cs.state.ny.us>
From: JMC13 at mail3.cs.state.ny.us (Clairmont, Jan)
Subject: PFW and Program Correctness
Vulnerabilities are impossible to entirely eliminate, just as proving
correctness of an algoritm, Knuth and others, errors exponential increase
as the code increases. They will never get any code completely bug or
security flaw free. And the more people use the systems the more things
or problems will come out. Expecting MS or Linux or Solaris to get it all
out is an insane requirement. I do expect adequate QA testing, and doing
security pen testing is the minimum, but that won't always cut it, that why
there is customer beta testing.
I suppose working on the internet is like driving on a busy highway,
hopefully
your experienced drivers can avoid the MAC trucks. But some accidents just
become unavoidable and the novice drivers get into the most accidents...
It's
experience and safe habits, buckle your seat belt baby you're in for a
helluva
ride.
Jan Clairmont
LDAP and Solaris Admin. Consultant
Powered by blists - more mailing lists