[SC-L] Re: White paper: "Many Eyes" - No Assurance Against Many Spies

2004-04-29 Thread dtalk-ml
Kenneth R. van Wyk wrote: >FYI, there's a white paper out by Dan O'Dowd of Green Hills Software (see >http://www.ghs.com/linux/manyeyes.html) that "It is trivial to infiltrate the >loose association of Linux organizations which have developers all o

[SC-L] Re: DJB's students release 44 poorly-worded, overblown advisories

2004-12-20 Thread dtalk-ml
Paco Hope wrote: > Somebody's gotta come up with a reasonable definition of "remotely > exploitable." Agreed; this lack of an agreed-upon vocabulary is the cause of all sorts of misunderstandings that don't make the news. These days, with everything networked, I'm not sure proximity is a usuall

[SC-L] Re: Application Insecurity --- Who is at Fault?

2005-04-10 Thread dtalk-ml
Margus Freudenthal wrote: Consider the bridge example brought up earlier. If your bridge builder finished the job but said: "ohh, the bridge isn't secure though. If someone tries to push it at a certain angle, it will fall". Ultimately it is a matter of