=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/security.html,v retrieving revision 1.15 retrieving revision 1.16 diff -u -r1.15 -r1.16 --- www/security.html 1998/02/19 22:37:51 1.15 +++ www/security.html 1998/02/19 22:41:42 1.16 @@ -45,13 +45,16 @@ these new flaws in mind.

-Our security auditing proces is a proactive one. In almost all cases -we have found that exploitability is not an issue. We have fixed many -simple and obvious careless programming errors in code and then only -months later discovered that the problems were in fact exploitable. -The proactive auditing process has really paid off. Statements like -``This problem was fixed in OpenBSD about 6 months ago'' have become -commonplace in security forums like BUGTRAQ. +Another facet of our security auditing process is it's proactiveness. +In almost all cases we have found that the determination of +exploitability is not an issue. During our auditing process we find +many bugs, and endeavor to simply fix them even though exploitability +is not proven. We have fixed many simple and obvious careless +programming errors in code and then only months later discovered that +the problems were in fact exploitable. This proactive auditing +process has really paid off. Statements like ``This problem was fixed +in OpenBSD about 6 months ago'' have become commonplace in security +forums like BUGTRAQ.

The auditing process is not over yet, and as you can see we continue @@ -97,7 +100,7 @@

This site Copyright © 1996, 1997 OpenBSD.
-$OpenBSD: security.html,v 1.15 1998/02/19 22:37:51 deraadt Exp $ +$OpenBSD: security.html,v 1.16 1998/02/19 22:41:42 deraadt Exp $