, 2006-03-07
There is value in finding vulnerabilities. Yet many people believe that a vulnerability doesn't exist until it is disclosed to the public. We know that vulnerabilities need to be disclosed, but what role do vendors have to make these issues public?
Expand all |
Post comment
The value of vulnerabilities
2006-03-08
Omar A. Herrera (2 replies)
Omar A. Herrera (2 replies)
Re:Good Points
2006-03-08
R_U_Trustified (2 replies)
R_U_Trustified (2 replies)
The security "mechanisms" may be there, but nearly all of these mechanisms in an OS that has any general-purpose use will have holes and therefore vulnerabilities still exist.
"Trusted design" doesn't equal "bulletproof implementation".
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/columns/391/33325#33325