Dailydave mailing list archives

RE: Lame studies that people quote as fact that have no basis in reality and still don't prove anything even if they did

From: "Chris Eagle" <cseagle () redshift com>
Date: Wed, 4 Feb 2004 12:13:36 -0800

Blue Boar wrote:


In other words, I thinks the costs of fixing things after the 
fact has 
gotten so much cheaper that it makes financial sense to go ahead and 
allow for that.


Probably true with today's rapid develop/ship/update model of software 
sales. I think a lot of these studies dealt with very old systems for 
which the original programmers were long gone and you had to pay people
to spend time learning an outdated language and getting up to speed on
code before they could even begin to think about patching a problem.

I also think they were referring more towards cases in which new 
functionality needs to be added to existing code, or existing 
functionality modified to some significant degree. Vulnerabilities
don't tend to fall into either of these categories.

Chris

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://www.immunitysec.com/mailman/listinfo/dailydave

Current thread:

Lame studies that people quote as fact that have no basis in reality and still don't prove anything even if they did Dave Aitel (Feb 04)
- Re: Lame studies that people quote as fact that have no basis in reality and still don't prove anything even if they did Rodney Thayer (Feb 04)
- Re: Lame studies that people quote as fact that have no basis in reality and still don't prove anything even if they did Anton A. Chuvakin (Feb 04)
  - Re: Lame studies that people quote as fact that have no basis in reality and still don't prove anything even if they did Dave Aitel (Feb 04)
- RE: Lame studies that people quote as fact that have no basis in reality and still don't prove anything even if they did Chris Eagle (Feb 04)
  - Re: Lame studies that people quote as fact that have no basis in reality and still don't prove anything even if they did Blue Boar (Feb 04)
    - Re: Lame studies that people quote as fact that have no basis in reality and still don't prove anything even if they did Dave Aitel (Feb 04)
    - RE: Lame studies that people quote as fact that have no basis in reality and still don't prove anything even if they did Chris Eagle (Feb 04)
    - Re: Lame studies that people quote as fact that haveno basis in reality and still don't prove anything even if they did Matt Hargett (Feb 04)
    - RE: Lame studies that people quote as fact that haveno basis in reality and still don't prove anything even if they did Chris Eagle (Feb 04)
    - Re: Lame studies that people quote as fact that haveno basis in reality and still don't prove anything even if they did Gunnar Peterson (Feb 04)
    - Re: Lame studies that people quote as fact that haveno basis in reality and still don't prove anything even if they did Sinan Eren (Feb 04)
    - Re: Lame studies that people quote as fact that haveno basis in reality and still don't prove anything even if they did H D Moore (Feb 04)
    - Re: Lame studies that people quote as fact that haveno basis in reality and still don't prove anything even if they did Sinan Eren (Feb 04)
    - Re: Lame studies that people quote as fact that haveno basis in reality and still don't prove anything even if they did H D Moore (Feb 04)
    - Re: Lame studies that people quote as fact thathaveno basis in reality and still don't prove anything even ifthey did Matt Hargett (Feb 04)
    - RE: Lame studies that people quote as fact that haveno basis in reality and still don't prove anything even if they did Rodney Thayer (Feb 04)
    - Re: Lame studies that people quote as fact that have no basis in reality and still don't prove anything even if they did the grugq (Feb 04)

(Thread continues...)