Dailydave mailing list archives

RE: Lame studies that people quote as fact that have no basis in reality and still don't prove anything even if they did


From: Rodney Thayer <rodney () canola-jones com>
Date: Wed, 04 Feb 2004 17:43:15 -0800

At 05:44 PM 2/4/2004 -0800, you wrote:
Matt wrote:
I also think they were referring more towards cases in which new
functionality needs to be added to existing code, or existing
functionality modified to some significant degree. Vulnerabilities
don't tend to fall into either of these categories.

Are you for real? How do you define vulnerability?


Neither of the above imply the software is broken while a vulnerability
does. Software can a) get redesigned or b) have features added without c)
discovering or repairing any vulnerabilities. Both a and b are probably more
expensive than c.

No, (b) is less expensive, because the energy cost of producing new
features is less due to organizational issues (a/k/a greed 'cause you
can sell more)

It's not until vulnerabilities cut into profit or otherwise get in your
way that it becomes a business issue.

Dave, you bitch, you had to open this can of worms, didntcha ;-)

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://www.immunitysec.com/mailman/listinfo/dailydave

