[Full-Disclosure] PFW and Program Correctness
JMC13 at mail3.cs.state.ny.us
Fri Jan 16 17:12:09 GMT 2004
Vulnerabilities are impossible to entirely eliminate, just as proving
correctness of an algoritm, Knuth and others, errors exponential increase
as the code increases. They will never get any code completely bug or
security flaw free. And the more people use the systems the more things
or problems will come out. Expecting MS or Linux or Solaris to get it all
out is an insane requirement. I do expect adequate QA testing, and doing
security pen testing is the minimum, but that won't always cut it, that why
there is customer beta testing.
I suppose working on the internet is like driving on a busy highway,
your experienced drivers can avoid the MAC trucks. But some accidents just
become unavoidable and the novice drivers get into the most accidents...
experience and safe habits, buckle your seat belt baby you're in for a
LDAP and Solaris Admin. Consultant
Full-Disclosure is hosted and sponsored by Secunia.