lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20040324212415.GA21197@piper.madduck.net>
From: madduck at madduck.net (martin f krafft)
Subject: Re: Microsoft Coding / National Security Risk

also sprach Richard Hatch <r.hatch@...s.qinetiq.com> [2004.03.24.1110 +0100]:
> Take a team of really really good C/C++ coders with excellent
> security vulnerability knowledge and have them go through the
> source code for windows (starting with the core functionality and
> internet facing functionality maybe).  Find these bugs (including
> methodical black-box testing against the binaries) and fix them.

You will have a hard time, given the patched OS that Windoze is.
Where design is flawed you can't add security.

Instead, find these really good coders and funding for them to
improve open source software so it finally becomes a viable
alternative; then convince people to switch.

> Microsoft Windows is not just another piece of software, it has
> become a fundamental part of businesses and governments.

and a major nuisance in all of our lives.

-- 
martin;              (greetings from the heart of the sun.)
  \____ echo mailto: !#^."<*>"|tr "<*> mailto:" net@...duck
 
invalid/expired pgp subkeys? use subkeys.pgp.net as keyserver!
 
this message represents the official view of the voices in my head.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040324/185b9bd0/attachment.bin

Powered by blists - more mailing lists