Re: [Lit.] Buffer overruns
From: Paul Rubin (//phr.cx_at_NOSPAM.invalid)
Date: 01/29/05
- Next message: Bob Harris: "Re: two of three"
- Previous message: Bryan Olson: "Re: [Lit.] Buffer overruns"
- Maybe in reply to: newstome_at_comcast.net: "Re: [Lit.] Buffer overruns"
- Next in thread: Paul Rubin: "Re: [Lit.] Buffer overruns"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 28 Jan 2005 19:13:19 -0800
"Hank Oredson" <horedson@earthlink.net> writes:
> > The attacker might be willing to spend millions of dollars and years
> > of effort looking for those errors. Can the tester match that? The
> > tester can only use knowledge that existed at the time of testing.
> > The attacker can use knowledge gained after the program was released.
> > Testing cannot show the absence of bugs. It can only show their presence.
>
> If the project is to design a secure system, then the project plan
> darn well better have that level of testing. You want something for
> free? You won't get it.
That level of testing is impossible. How can you do a test that
depends on knowledge that you don't have?
Have you read the Vernor Vinge novel "A Fire Upon The Deep"? It's
a great book. The difference between testers and attackers is
something like the difference between humans and the Straumli Blight.