Re: impossibility of computer security?

From: Samantha Atkins (samantha@objectent.com)
Date: Mon Sep 16 2002 - 23:25:06 MDT

• Next message: Amara Graps: "hey, don't be sad..."
• Previous message: Lee Corbin: "RE: *Why* People Won't Discuss Differences Objectively"
• In reply to: Wei Dai: "impossibility of computer security?"
• Next in thread: Lee Daniel Crocker: "Re: impossibility of computer security?"
• Reply: Lee Daniel Crocker: "Re: impossibility of computer security?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Wei Dai wrote:
> I wonder if anyone is as disturbed as I am with the recent news of remote
> exploitable holes in OpenSSH and OpenSSL that allow attackers to run
> arbitrary code. When open-source software whose only purpose is to improve
> computer security actually make it worse, I have to wonder if security is
> possible at all. Has anyone thought about what causes this seeming
> inability of human beings to write secure software, and what its
> implications are for the future?
>
> Here are some of the security advisories:
> http://online.securityfocus.com/advisories/4241
> http://online.securityfocus.com/advisories/4316
>
>

What on earth gave you the idea that the only purpose of Open
Source software is to make computers more secure?

- s

• Next message: Amara Graps: "hey, don't be sad..."
• Previous message: Lee Corbin: "RE: *Why* People Won't Discuss Differences Objectively"
• In reply to: Wei Dai: "impossibility of computer security?"
• Next in thread: Lee Daniel Crocker: "Re: impossibility of computer security?"
• Reply: Lee Daniel Crocker: "Re: impossibility of computer security?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.5 : Sat Nov 02 2002 - 09:17:06 MST