On 7/18/06 11:45 AM, "Dana Epp" <[EMAIL PROTECTED]> wrote:
> Or perhaps less arrogance in believing "it won't sink".
>
> Absolute security is a myth. As is designing absolutely secure software.
I have high hopes in formal methods.
> It is a lofty goal, but one of an absolute that just isn't achievable as
> threats change and new attack patterns are found. Designing secure
> software is about attaining a level of balance around software
> dependability weighed against mitigated risks against said software to
> acceptable tolerance levels, while at the same time ensuring said
> software accomplishes the original goal... to solve some problem for the
> user.
>
> On my office door is a bumper sticker I made. It simply says:
>
> 0x5
>
> 10 points to the first person to explain what that means.
Since you're at Microsoft I'll bet it's related to "RPC Layer returned error
0x5 (Access is denied.) This may happen if host security is not installed".
http://support.microsoft.com/kb/216558/en-us
So it would be an oblique way of referring to host security. If it was on a
motel-style door-handle card it could also mean "do not disturb" (send
visitors away with an "access denied"). Perhaps, "go away if you haven't
secured your system". Who knows besides you ;)
Pascal
>
>
> Regards,
> Dana Epp
> [Microsoft Security MVP]
> http://silverstr.ufies.org/blog/
>
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of SC-L Subscriber Dave
> Aronson
> Sent: Tuesday, July 18, 2006 7:53 AM
> To: SC-L@securecoding.org
> Subject: [SC-L] bumper sticker slogan for secure software
>
> Paolo Perego [mailto:[EMAIL PROTECTED] writes:
>
>> "Software is like Titanic, pleople claim it was unsinkable. Securing
> is > providing it power steering"
>
> But power steering wouldn't have saved it. By the time the iceberg was
> spotted, there was not enough time to turn that large a boat. Perhaps
> radar, but that doesn't make a very good analogy. Maybe a thicker
> tougher hull and automatic compartment doors?
>
> -Dave
>
>
>
>
> _______________________________________________
> Secure Coding mailing list (SC-L)
> SC-L@securecoding.org
> List information, subscriptions, etc -
> http://krvw.com/mailman/listinfo/sc-l
> List charter available at - http://www.securecoding.org/list/charter.php
>
> _______________________________________________
> Secure Coding mailing list (SC-L)
> SC-L@securecoding.org
> List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
> List charter available at - http://www.securecoding.org/list/charter.php
>
_______________________________________________
Secure Coding mailing list (SC-L)
SC-L@securecoding.org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
