Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
The value of vulnerabilities
Jason Miller, 2006-03-07

There is value in finding vulnerabilities. Yet many people believe that a vulnerability doesn't exist until it is disclosed to the public. We know that vulnerabilities need to be disclosed, but what role do vendors have to make these issues public?

Submit Comment Mode:
Name:
Subject:
Message:
 
  Enter the characters that appear above
 
Re: Re: Re: Re:Good Points 2006-03-15
Matthew Murphy
The fact that some systems have been CC-evaluated doesn't make your point. It's still just theory.

The security "mechanisms" may be there, but nearly all of these mechanisms in an OS that has any general-purpose use will have holes and therefore vulnerabilities still exist.

"Trusted design" d...

[ more ]  




 

Privacy Statement
Copyright 2009, SecurityFocus