Re: Anonymized Question for *

[Dave Aitel <dave () immunitysec com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Trojan development gets a whole lot easier too...

- -dave


H D Moore wrote:

| With tools like IDA and Halvar's bindiff code, having access to the
| source code is no longer as significant advantage as it used to be.
| Anyone who has tried using the available source code scanners can
| testify that bugs which were missed by the scanners could easily by
| found through fuzzing and reverse engineering techniques. Due to
| advancements in compiler development, the source code may not
| accurately reflect the compiled product anyways. With that being
| said, having the source code to an application makes exploit
| development so much simpler...
|
| $question = <<END_QUESTION Does Microsoft's Government Security
| Program (GSP), which gives access MS source code to participating
| governments, make it significantly easier for those governments'
| intelligence services to find vulnerabilities in Microsoft
| products?
|
| **Assumption: Most GSP participants would share the MS source code
| with their intelligence services...
|
| **URL: http://www.linuxinsider.com/perl/story/33504.html
| END_QUESTION _______________________________________________
| Dailydave mailing list Dailydave () lists immunitysec com
| http://www.immunitysec.com/mailman/listinfo/dailydave


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFAmr+BzOrqAtg8JS8RAgWNAKCkqufaZXkS3NjeIIw/BNUYdtTXtgCguPpK
jgm6gIN2ab8SOmqoZo+K9mY=
=adnH
-----END PGP SIGNATURE-----

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://www.immunitysec.com/mailman/listinfo/dailydave