Why Sardonix Failed
Hal Flynn, 2004-02-04

The DARPA-funded security auditing project was done in by its own obscurity, and some misconceptions about what security researchers really want.

Why Sardonix Failed 2004-02-05
Anonymous
Quote: "The success of Sardonix would have proved a key argument that open-source advocates have used to lend validity to the cause since time immemorial: that open-source software is more secure because the source is available to the world to be audited. The project's failure is a reminder that the...

Why Sardonix Failed 2004-02-05
Anonymous
Like I said in the previous article:

It is absolutely naive to think that anyone in their right mind would do this. Labour over code and receive a pat on the back. Nonsense. This is not a carrot at the end of a stick rather a pea. With bugtraq depending on how you play the game be it a 0 day you ...

Did Sardonix even try? 2004-02-07
Anonymous
I'd say that WireX didn't even really try to make Sardonix a success. The mailing list was only busy when people talked about the 'pointing' system. There was some rumbling about the new non-template site being delivered but AFAIK it never was. The site remained basically static since the beginning ...

effort involved in an audit 2004-02-11
Anonymous


I was ready to run an auditing tool over several packages of code and skim the results but I didn't find a good enough tool and that would be a rather shallow audit in any case....

Why Sardonix Failed 2004-02-14
Anonymous
I think the interest was present but the guidance was not.

If a tutorial had been put together teaching people *HOW* to find bugs, then people would have jumped on board.

As things stood, I may have been interested, but had no clue what to do after reading the code and understanding it. ...








 

Copyright 2009, SecurityFocus