mailing list archives
RE: Microsoft Coding / National Security Risk
From: "joe" <mvp () joeware net>
Date: Fri, 26 Mar 2004 13:06:43 -0500
Actually yes, I think it has.
From: full-disclosure-admin () lists netsys com
[mailto:full-disclosure-admin () lists netsys com] On Behalf Of John Sage
Sent: Wednesday, March 24, 2004 9:53 AM
To: full-disclosure () lists netsys com
Subject: Re: [Full-disclosure] Microsoft Coding / National Security Risk
Take a team of really really good C/C++ coders with excellent security
vulnerability knowledge and have them go through the source code for
windows (starting with the core functionality and internet facing
functionality maybe). Find these bugs (including methodical black-box
testing against the binaries) and fix them.
Allegedly Microsoft has been doing just exactly this for several years.
Ever heard of "Trustworthy Computing?"
Done a lot of good, hasn't it?
Full-Disclosure - We believe in it.