Reverse engineering patches making disclosure a moot choice?

Reverse engineering patches making disclosure a moot choice?
Robert Lemos, SecurityFocus 2005-07-01

When Microsoft released limited information on a critical vulnerability in Internet Explorer last month, reverse engineer Halvar Flake decided to dig deeper.

Expand all | Post comment

Reverse engineering patches making disclosure a moot choice? 2005-07-06
Anonymous (1 replies)

Re: Reverse engineering patches making disclosure a moot choice? 2005-07-08
Anonymous

Write code correctly the first time 2005-07-07
Karen (1 replies)

Re: Write code correctly the first time 2005-07-11
Anonymous (1 replies)

I agree. Writing code that is "good enough" to put on store shelves and releasing patches over time to fix bugs that are discovered in the future may be a cheaper strategy, but I would think this would be the case only initially. Financial losses that result from exploited vulnerabilities range in the multiple billions of dollars per year. Of course, I think we can all agree that writing "perfect" software is impossible, but that doesn't mean we shouldn't pursue perfection with our code. In the long run, "Doing it right the first time" should almost always be cheaper than the "patch and go" approach.

Just my two cents.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/articles/11235/32091#32091

Re: Re: Write code correctly the first time? 2005-07-12
David (1 replies)

Re: Re: Re: Write code correctly the first time? 2005-10-14
Software Engineer