, 2006-03-07
There is value in finding vulnerabilities. Yet many people believe that a vulnerability doesn't exist until it is disclosed to the public. We know that vulnerabilities need to be disclosed, but what role do vendors have to make these issues public?
Expand all |
Post comment
...Didn't think so.
Fact is, OSes are inherently vulnerable to attack because they have the nearly-impossible task of protecting the system from itself, from attackers and from the very user of the system: you.
A "trusted" operating system in the absolute sense is a theoretical concept. It simply does not exist.
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/columns/391/33294#33294