Security flaws on the rise, questions remain

Security flaws on the rise, questions remain
Robert Lemos, SecurityFocus 2006-01-05

After three years of modest or no gains, the number of publicly reported vulnerabilities jumped in 2005, boosted by easy-to-find bugs in Web applications. Yet, questions remain about the value of analyzing current databases, whose data rarely correlates easily.

Colapse all | Post comment

Security flaws on the rise, questions remain 2006-01-10
R_U_Trustified? (1 replies)

Since "the most important, and perhaps obvious, lesson is that the software flaws are here to stay", the focus should be on solutions that prevent vulnerabilities from being turned into viable threats, since patching is not effective against zero day attacks anyway....

[ more ] [ reply ]

Re: Security flaws on the rise, questions remain 2006-01-11
infamous41md (1 replies)

There are no solutions that completely mitigate the threat of vulnerabilities. From ret2libc attacks against NX to using pointers on the stack against ASLR the solutions have been circumvented. The focus should be on producing quality code. This means that both open and closed source projects sho...

[ more ] [ reply ]

Re: Re: Security flaws on the rise, questions remain 2006-01-14
Steve Christey

Agreed with infamous41md. More concentration needs to be paid to secure software development and testing, as well as more resistant languages and environments. That is - change the state of practice to minimize the number of vulnerabilities being introduced in the first place....

[ more ] [ reply ]

Security flaws on the rise, questions remain 2006-01-13
dreedee

Here's some answers for you. Business are in this for the money. If a well know OS was more secure and less scketchy, then the well known anti-virus company would surely be out of business soon. Just like the drugs companies, oil traders and arms dealers, well know software companies play on the sam...

[ more ] [ reply ]