The Ethics of Vulnerability Research

Discussion in 'other security issues & news' started by ronjor, May 14, 2008.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,768
    Location:
    Texas
    Bruce Schneier
     
  2. ccsito

    ccsito Registered Member

    Joined:
    Jul 27, 2006
    Posts:
    1,579
    Location:
    Nation's Capital
    Mistakes? I don't think so. People program in a certain manner and many times don't have the clairvoyance of being able to know all flaws beforehand (or they are otherwise too lazy to think them out). Programmers DO NOT update software unless a change is requested or something goes bump in the night. "Optimization" is NOT ongoing nor the expected destination no matter what management or the vendors say. :p
     
  3. CircleGirl

    CircleGirl Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    61
    Location:
    Circle Campus
    Knowing that there will always be someone who will take advantage of a weakness in an OS to cause mischief , and if a programmer does not realize this weakness then it is a mistake of omission. ONLY AN OMNISCIENT PROGRAMMER CAN CREATE A MISTAKE LESS OS!!!

    All others must accept attacks sooner or later.
     
  4. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Source : http://www.mcafee.com/us/local_content/white_papers/wp_ricochetbriefbuffer.pdf
     
  5. jrmhng

    jrmhng Registered Member

    Joined:
    Nov 4, 2007
    Posts:
    1,268
    Location:
    Australia
    OpenBSD tried to do code audits and that was abandoned.
     
  6. ccsito

    ccsito Registered Member

    Joined:
    Jul 27, 2006
    Posts:
    1,579
    Location:
    Nation's Capital
    We have version tracking as part of software development. That was instituted to prevent confusion when you updated programs. Of course, I NEVER got confused about my programs and think this mandatory adjunct system is a nuisance. :cool: :p
     
  7. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,404
    Is there research on whether it's more a case of new programs entering the market are more of a target (which would affect generally a smaller number of people) or is it always the established programs (microsoft) with a larger market share?
     
Loading...
Thread Status:
Not open for further replies.