| version 1.35, 1998/02/24 21:15:26 |
version 1.36, 1998/02/24 21:19:05 |
|
|
| href=http://www.geek-girl.com/bugtraq/index.html>BUGTRAQ</a>.<p> |
href=http://www.geek-girl.com/bugtraq/index.html>BUGTRAQ</a>.<p> |
| |
|
| Most of our security auditing happened immediately before the OpenBSD |
Most of our security auditing happened immediately before the OpenBSD |
| 2.0 release and during the 2.0->2.1 transition. Thousands of security |
2.0 release and during the 2.0->2.1 transition, over the last third of |
| issues were fixed rapidly over almost a year, like the standard buffer |
1996 and first half of 1997. Thousands (Yes, that is thousands) of |
| overflows, protocol implementation weaknesses, and filesystem races. |
security issues were fixed rapidly over the year long period; bugs |
| In the time since then, the types of security problems we find and fix |
like the standard buffer overflows, protocol implementation |
| have tended to be more obscure or complicated. Still we will persist |
weaknesses, information gathering, and filesystem races. More |
| for a number of reasons: |
recently the security problems we find and fix tend to be more obscure |
| |
or complicated. Still we will persist for a number of reasons: |
| |
|
| <ul> |
<ul> |
| <li>Occasionally we find a simple one we missed before. |
<li>Occasionally we find a simple one we missed before. |
| <li>Security is like an arms race; the best attackers will continue |
<li>Security is like an arms race; the best attackers will continue |
![[BACK]](/icons/back.gif){kind=icon}
Return to security.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www