Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: How T-Mobil's network was compromised
From: Frank Knobbe <frank () knobbe us>
Date: Sun, 20 Feb 2005 15:58:25 -0600

On Sun, 2005-02-20 at 21:26 +0200, Willem Koenings wrote:
Yes, and thats why i said, that original quote is not always true
because it is differently understandable. If i know one specific flaw
or vulnerability, then i specifically can test against presence or
absence of  that specific flaw or vulnerability.

hehe... no, no. The quote said "flaws". Not a specific one. Flaws are
errors as we know them. You can test for the presence of the ones we
know, the specific ones. And you can test for the absence of these
specific ones. But you can't test for the absence of any flaw. That
would be akin to testing the presence of anti-flaws. What is a
non-error? A non-flaw? It's a non-existing flaw, it doesn't exist. If
could define and measure that to the extent that you can test for it,
then Dijkstra can be proved wrong :)

Until then the invert of presence of flaws is absence of flaws. And we
can only test for the former.


Attachment: signature.asc
Description: This is a digitally signed message part

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]