[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Full-Disclosure] Microsoft Coding / National Security Risk

To: <full-disclosure@xxxxxxxxxxxxxxxx>
Subject: RE: [Full-Disclosure] Microsoft Coding / National Security Risk
From: "joe" <mvp@xxxxxxxxxxx>
Date: Fri, 26 Mar 2004 13:06:43 -0500

Actually yes, I think it has. 

 
 

-----Original Message-----
From: full-disclosure-admin@xxxxxxxxxxxxxxxx
[mailto:full-disclosure-admin@xxxxxxxxxxxxxxxx] On Behalf Of John Sage
Sent: Wednesday, March 24, 2004 9:53 AM
To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: Re: [Full-Disclosure] Microsoft Coding / National Security Risk

> Take a team of really really good C/C++ coders with excellent security 
> vulnerability knowledge and have them go through the source code for 
> windows (starting with the core functionality and internet facing 
> functionality maybe).  Find these bugs (including methodical black-box 
> testing against the binaries) and fix them.

Allegedly Microsoft has been doing just exactly this for several years.

Ever heard of "Trustworthy Computing?"

Done a lot of good, hasn't it?


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- Re: [Full-Disclosure] Microsoft Coding / National Security Risk
  - From: Valdis . Kletnieks

References:
- Re: [Full-Disclosure] Microsoft Coding / National Security Risk
  - From: John Sage

Prev by Date: Re: [Full-Disclosure] Message - Banner's Styles
Next by Date: Re: [Full-Disclosure] Microsoft Coding / National Security Risk
Previous by thread: Re: [Full-Disclosure] Microsoft Coding / National Security Risk
Next by thread: Re: [Full-Disclosure] Microsoft Coding / National Security Risk
Index(es):
- Date
- Thread