Forwarded from: Michael Howard <mikehowat_private> >>"Every group that contributes to the CD has drawn up a plan to mitigate security risks," Howard said. Key to the plans is a measure of success--how the groups will know when they are done, he added." >>I suppose what really bothers me here is that MS is doing rapid security "training" and then these people, who wrote insecure software in the first place, are then the same ones writing their gameplan to fix it. Ummmm, who's checking the homework here? And bother you should be - but our group is - we have reviewed every plan, and made comments and feedback on every plan. just 'coz the press aricle doesn't mention the entire game plan, doesn't mean you understand the entire game plan. Moral: Be careful of what you read in the press Cheers, MH Secure Windows Initiative Got an access denied? Good, my job is done! Writing Secure Code: http://www.microsoft.com/mspress/books/5612.asp <snip> - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Wed Feb 13 2002 - 05:54:25 PST