Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
RE: [ISN] Microsoft developers feel Windows pain
From: InfoSec News (isnc4i.org)
Date: Wed Feb 13 2002 - 04:13:53 CST
Forwarded from: Michael Howard <mikehowmicrosoft.com>
>>"Every group that contributes to the CD has drawn up a plan to
mitigate security risks," Howard said. Key to the plans is a measure
of success--how the groups will know when they are done, he added."
>>I suppose what really bothers me here is that MS is doing rapid
security "training" and then these people, who wrote insecure software
in the first place, are then the same ones writing their gameplan to
fix it. Ummmm, who's checking the homework here?
And bother you should be - but our group is - we have reviewed every
plan, and made comments and feedback on every plan. just 'coz the
press aricle doesn't mention the entire game plan, doesn't mean you
understand the entire game plan.
Moral: Be careful of what you read in the press
Secure Windows Initiative
Got an access denied? Good, my job is done!
Writing Secure Code: http://www.microsoft.com/mspress/books/5612.asp
ISN is currently hosted by Attrition.org
To unsubscribe email majordomoattrition.org with 'unsubscribe isn' in the BODY
of the mail.