
Re: [Full-Disclosure] Learn from history?



On Wed, 05 May 2004 04:55:12 EDT, Lennart Damm <lennart.damm@xxxxxxxxxx>  said:

> It would be interesting to draw security conclusions from past 
> vulnerabilities and accompanying solutions (patches, etc.). 

Here's a classic paper (the original Multics vulnerability analysis by Karger 
and Schell):

http://www.acsac.org/2002/papers/classic-multics-orig.pdf

Here's their 30-years-later retrospective:

http://www.acsac.org/2002/papers/classic-multics.pdf

Executive summary:  We've learned somewhere between diddly and squat from
30 years of experience.
