Re: [ISN] Ballmer to crackers: this PC ain't big enough for the both of us

From: InfoSec News (isn@private)
Date: Tue Sep 23 2003 - 08:05:01 PDT

  • Next message: InfoSec News: "[ISN] Feds, Oracle team up to boost security"

    Forwarded from: Russell Coker <russell@private>
    On Wed, 17 Sep 2003 18:21, InfoSec News wrote:
    > "One area of investment that we're pursuing is what's called
    > post-processing of source code to find vulnerabilities, so you
    > actually go back and you have tools that look through the source
    > code and help identify potential vulnerabilities. And it is true
    > that those tools do get dramatically better with each vulnerability
    > as we learn and can teach them to help spot whole new classes of
    > attacks that come from hackers," Ballmer said.
    Excellent point!  Now it should be noted that some OSs (such as Linux
    and BSD Unix) have the source available for anyone to "post process",
    while some OSs (such as Windows) do not have the source available.
    So if anyone wants to do research in methods of pro-actively finding
    security holes then they can't use Windows.  With Windows you are
    limited to what MS can achieve...
    --   My NSA Security Enhanced Linux packages  Bonnie++ hard drive benchmark    Postal SMTP/POP benchmark  My home page
    ISN is currently hosted by
    To unsubscribe email majordomo@private with 'unsubscribe isn'
    in the BODY of the mail.

    This archive was generated by hypermail 2b30 : Tue Sep 23 2003 - 11:55:33 PDT