[11185] in cryptography@c2.net mail archive


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: It's Time to Abandon Insecure Languages

daemon@ATHENA.MIT.EDU (Victor.Duchovni@morganstanley.com)
Mon Jul 22 13:15:41 2002

Date: Mon, 22 Jul 2002 12:50:45 -0400 (EDT)
From: <Victor.Duchovni@morganstanley.com>
To: "John S. Denker" <jsd@monmouth.com>
Cc: <cryptography@wasabisystems.com>
In-Reply-To: <3D3C2BC4.BEB80A73@monmouth.com>

CERT is far from a comprehensive source of security bug reports. Does
anyone have statistics of bug types for Bugtraq or Mitre's CVE?

I get daily bug reports via FS/ISAC. Most of these are not
sufficiently severe or broadly applicable to be CERT advisories. These are
mostly application logic issues, but the evidence is I must admit
anecdotal. I don't have survey results.

-- 
	Viktor.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[11185] in cryptography@c2.net mail archive

Re: It's Time to Abandon Insecure Languages

daemon@ATHENA.MIT.EDU (Victor.Duchovni@morganstanley.com)Mon Jul 22 13:15:41 2002

daemon@ATHENA.MIT.EDU (Victor.Duchovni@morganstanley.com)
Mon Jul 22 13:15:41 2002