Re: freebsd - Re: recommended Virus Scanner?
On Sat, 29 Nov 2003, Tom wrote:
...
> > > I have this belief that for any arbitrary large block of code, the #
of
> > > undiscovered root exploits to be very large (I actually beleve the # to
> > > be limitless -- humans are infinitely clever).
> >
> > I have this belief that the moon is made out of green cheese and that
> > all the good ones are dead.
> >
> > Care to state the basis for your belief, or its relevance to reality?
>
> I said it's intuition. Intution is not logic. It is not proof. It is
> not intended to be proof. Which makes responding to the rest of your
> arguments pointless.
>
> We'll see whose right :-)
"buggs" usually exists because of:
- there are many other (code or living) stuff to do
- silly marketing/sales deadlines
- lazyness - boredom to write/rewirte/review the same code
- no automated way to definitively say "this is a problem"
- people process/proceedure for using the same code varies
- some folks are better than others at "breaking in"
- people are not as meticulous as needed
- people's "convenience vs security" will always highlight/amplify
exploitable vunlnerabilities
and in this case, what one doesn't know will hurt one day
<forecast>
- using dhcp, wireless, work-at-home, laptops will be the cause
of most of the "vulnerabilities" and breakins
- it is no longer bugs in the code aa much as it used to be
</forecast>
- usually nothing you can do to "prevent sw buggs"...
- hopefully, easy to prevent buggs/exploits are all taken care of
fun stuff .... keeping the "baby covered and protected" ..
c ya
alvin
Reply to: