lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <4464B31F.8090003@thievco.com>
Date: Fri May 12 17:09:15 2006
From: BlueBoar at thievco.com (Blue Boar)
Subject: How secure is software X?

Brian Eaton wrote:
> On 5/11/06, Blue Boar <BlueBoar@...evco.com> wrote:
>> Don't we fairly quickly arrive at all products passing all the standard
>> tests, and "passing" no longer means anything?
> 
> I believe that point is called "success."

I was thinking more like all their "security" efforts only went to 
making sure the test reports clean, and they get declared "secure".  Now 
you have two products that pass the tests regardless of relative 
security, or whether one of them was carefully developed with security 
in mind.  Not my definition of success.

					BB

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ