Full Disclosure mailing list archives
Re: Microsoft Coding / National Security Risk
From: John Sage <jsage () finchhaven com>
Date: Wed, 24 Mar 2004 06:52:49 -0800
Well. On Wed, Mar 24, 2004 at 10:10:28AM -0000, Richard Hatch wrote:
From: "Richard Hatch" <r.hatch () eris qinetiq com> To: <full-disclosure () lists netsys com> Subject: [Full-disclosure] Microsoft Coding / National Security Risk Date: Wed, 24 Mar 2004 10:10:28 -0000 Hi all,
/* snip */
Take a team of really really good C/C++ coders with excellent security vulnerability knowledge and have them go through the source code for windows (starting with the core functionality and internet facing functionality maybe). Find these bugs (including methodical black-box testing against the binaries) and fix them.
Allegedly Microsoft has been doing just exactly this for several years. Ever heard of "Trustworthy Computing?" Done a lot of good, hasn't it? - John -- "Mad cow? You'd be mad too, if someone was trying to eat you." _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Microsoft Coding / National Security Risk Richard Hatch (Mar 24)
- Re: Microsoft Coding / National Security Risk Luke Norman (Mar 24)
- RE: Microsoft Coding / National Security Risk joe (Mar 24)
- RE: Microsoft Coding / National Security Risk Frank Knobbe (Mar 24)
- RE: Microsoft Coding / National Security Risk joe (Mar 26)
- RE: Microsoft Coding / National Security Risk Frank Knobbe (Mar 24)
- Re: Microsoft Coding / National Security Risk John Sage (Mar 24)
- RE: Microsoft Coding / National Security Risk joe (Mar 26)
- Re: Microsoft Coding / National Security Risk Valdis . Kletnieks (Mar 26)
- RE: Microsoft Coding / National Security Risk joe (Mar 26)
- Re: Microsoft Coding / National Security Risk Valdis . Kletnieks (Mar 24)
- Re: Microsoft Coding / National Security Risk martin f krafft (Mar 24)
- <Possible follow-ups>
- Re: Microsoft Coding / National Security Risk borg (Mar 24)
- RE: Re: Microsoft Coding / National Security Risk joe (Mar 26)
- RE: Re: Microsoft Coding / National Security Risk madsaxon (Mar 26)
- Re: Re: Microsoft Coding / National Security Risk Szilveszter Adam (Mar 29)
- RE: Re: Microsoft Coding / National Security Risk joe (Mar 26)
- RE: Re: Microsoft Coding / National Security Risk Random Letters (Mar 24)
- RE: Re: Microsoft Coding / National Security Risk Steven Alexander (Mar 26)