Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Microsoft Coding / National Security Risk
From: martin f krafft <madduck () madduck net>
Date: Wed, 24 Mar 2004 22:24:15 +0100

also sprach Richard Hatch <r.hatch () eris qinetiq com> [2004.03.24.1110 +0100]:
Take a team of really really good C/C++ coders with excellent
security vulnerability knowledge and have them go through the
source code for windows (starting with the core functionality and
internet facing functionality maybe).  Find these bugs (including
methodical black-box testing against the binaries) and fix them.

You will have a hard time, given the patched OS that Windoze is.
Where design is flawed you can't add security.

Instead, find these really good coders and funding for them to
improve open source software so it finally becomes a viable
alternative; then convince people to switch.

Microsoft Windows is not just another piece of software, it has
become a fundamental part of businesses and governments.

and a major nuisance in all of our lives.

martin;              (greetings from the heart of the sun.)
  \____ echo mailto: !#^."<*>"|tr "<*> mailto:"; net () madduck
invalid/expired pgp subkeys? use subkeys.pgp.net as keyserver!
this message represents the official view of the voices in my head.

Attachment: signature.asc
Description: Digital signature

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]