Dailydave: Re: News, dumbug, prediction rebuttals.

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Dailydave mailing list archives

Re: News, dumbug, prediction rebuttals.

From: Blue Boar <BlueBoar () thievco com>
Date: Thu, 22 Dec 2005 12:23:42 -0800

Dave Aitel wrote:

IMO, intense auditing is really just a warm up. OpenSSH is the most
intensely audited code on the planet and it still has problems that
require them to change their architecture to avoid exposing too much
code to the pre-auth world.

Is it really "require", or are they simply doing more paranoid things,which have served them well in the past?

OpenSSL and zlib should really be the most intensely audited code, theyget linked into just about everything.

BB

By Date By Thread

Current thread:

Re: News, dumbug, prediction rebuttals., (continued)
- Re: News, dumbug, prediction rebuttals. Florian Weimer (Dec 22)
- Message not available
  - Re: News, dumbug, prediction rebuttals. Dave Aitel (Dec 22)
    - Re: News, dumbug, prediction rebuttals. Florian Weimer (Dec 22)
    - Re: News, dumbug, prediction rebuttals. Blue Boar (Dec 22)
    - Re: News, dumbug, prediction rebuttals. Adam Shostack (Dec 22)
    - Re: News, dumbug, prediction rebuttals. plonky (Dec 22)
    - Message not available
    - Re: News, dumbug, prediction rebuttals. plonky (Dec 23)
- Re: News, dumbug, prediction rebuttals. sgc (Dec 22)
- RE: News, dumbug, prediction rebuttals. Marc Maiffret (Dec 27)