lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
From: mvp at joeware.net (joe)
Subject: Microsoft Coding / National Security Risk

Actually yes, I think it has. 

 
 

-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of John Sage
Sent: Wednesday, March 24, 2004 9:53 AM
To: full-disclosure@...ts.netsys.com
Subject: Re: [Full-Disclosure] Microsoft Coding / National Security Risk

> Take a team of really really good C/C++ coders with excellent security 
> vulnerability knowledge and have them go through the source code for 
> windows (starting with the core functionality and internet facing 
> functionality maybe).  Find these bugs (including methodical black-box 
> testing against the binaries) and fix them.

Allegedly Microsoft has been doing just exactly this for several years.

Ever heard of "Trustworthy Computing?"

Done a lot of good, hasn't it?



Powered by blists - more mailing lists