|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Full-Disclosure] Learn from history?
Valdis.Kletnieks
vt.edu
Date: Wed May 05 2004 - 12:59:26 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Wed, 05 May 2004 04:55:12 EDT, Lennart Damm <lennart.dammexcite.com> said:
> It would be interesting to draw security conclusions from past vulnerabilities and accompanying solutions (patches, etc.).
Here's a classic paper (the original Multics vulnerability analysis by Karger and Schell):
http://www.acsac.org/2002/papers/classic-multics-orig.pdf
Here's their 30-years-later retrospective:
http://www.acsac.org/2002/papers/classic-multics.pdf
Executive summary: We've learned somewhere between diddly and squat from
30 years of experience.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001
iD8DBQFAmSt+cC3lWbTT17ARAhnLAKC0pBcCd2CcFj38D6cjGdJTSAhz0ACg+vxT
432yc7CI6I7gWfqD8rAujGw=
=ue67
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]