lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20040324145249.GI26168@sparky.finchhaven.net>
From: jsage at finchhaven.com (John Sage)
Subject: Microsoft Coding / National Security Risk

Well.

On Wed, Mar 24, 2004 at 10:10:28AM -0000, Richard Hatch wrote:
> From: "Richard Hatch" <r.hatch@...s.qinetiq.com>
> To: <full-disclosure@...ts.netsys.com>
> Subject: [Full-Disclosure] Microsoft Coding / National Security Risk
> Date: Wed, 24 Mar 2004 10:10:28 -0000
> 
> Hi all,

/* snip */

> Take a team of really really good C/C++ coders with excellent
> security vulnerability knowledge and have them go through the source
> code for windows (starting with the core functionality and internet
> facing functionality maybe).  Find these bugs (including methodical
> black-box testing against the binaries) and fix them.

Allegedly Microsoft has been doing just exactly this for several
years.

Ever heard of "Trustworthy Computing?"

Done a lot of good, hasn't it?


- John
-- 
"Mad cow? You'd be mad too, if someone was trying to eat you."

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ