Secure Coding mailing list archives
Economics of Software Vulnerabilities
From: crispin at novell.com (Crispin Cowan)
Date: Mon, 19 Mar 2007 14:00:09 -0600
Gary McGraw wrote:
I'm not sure vista is bombing because of good quality. That certainly would be ironic. Word on the "way down in the guts" street is that vista is too many things cobbled together into one big kinda functioning mess.
I.e. it is mis-featured, and lacks on some integration. This is a variation on not having desired features. And there certainly are big features in Vista that were supposed to be there but aren't (most of user-land being managed code, relational file system). It is also infamously late. So if the resources that were put into the code quality in Vista had instead been put into features and ship-date, would it do better in the marketplace? Sure, that's heretical :) but it just might be true :( Crispin, now believes that users are fundamentally what holds back security -- Crispin Cowan, Ph.D. http://crispincowan.com/~crispin/ Director of Software Engineering http://novell.com AppArmor Training at CanSec West http://cansecwest.com/dojoapparmor.html
Current thread:
- Economics of Software Vulnerabilities Ed Reed (Mar 06)
- Economics of Software Vulnerabilities Crispin Cowan (Mar 12)
- Economics of Software Vulnerabilities Gadi Evron (Mar 12)
- <Possible follow-ups>
- Economics of Software Vulnerabilities Gary McGraw (Mar 13)
- Economics of Software Vulnerabilities Gadi Evron (Mar 13)
- Economics of Software Vulnerabilities Gary McGraw (Mar 13)
- Economics of Software Vulnerabilities Crispin Cowan (Mar 19)
- Economics of Software Vulnerabilities Ed Reed (Mar 19)
- Economics of Software Vulnerabilities Crispin Cowan (Mar 19)
- Economics of Software Vulnerabilities Steven M. Christey (Mar 19)
- Economics of Software Vulnerabilities Ed Reed (Mar 20)
- Economics of Software Vulnerabilities Arian J. Evans (Mar 21)
- Economics of Software Vulnerabilities Steven M. Christey (Mar 21)
- Economics of Software Vulnerabilities mudge (Mar 21)
- Economics of Software Vulnerabilities Steven M. Christey (Mar 21)
- Economics of Software Vulnerabilities Crispin Cowan (Mar 19)
- Economics of Software Vulnerabilities Crispin Cowan (Mar 12)
- Economics of Software Vulnerabilities McGovern, James F (HTSC, IT) (Mar 20)
- Economics of Software Vulnerabilities Wall, Kevin (Mar 20)