jackie
08-04-03, 10:19 AM
aku tak tahu nak buat topik apa so just tulis cam tue...
The U.S. military believes the work of a Calgary hacker may be its best bet to protect its computer networks from so-called cyber-terrorist attacks. And although Theo de Raadt is happy to have more than $2-million (U.S.) in research support from the U.S. military's research and development office, the source of that funding has made him more than a little uneasy. "I actually am fairly uncomfortable about it, even if our firm stipulation was that they cannot tell us what to do. We are simply doing what we do anyways — securing software — and they have no say in the matter," Mr. de Raadt said in a recent e-mail exchange. "I try to convince myself that our grant means a half of a cruise missile doesn't get built."
Although Microsoft Corp., whose Windows products are the world's dominant operating system products, and many other commercial software vendors are paying new attention to the security of their products, that renewed interest has done little to improve their products so far, Mr. de Raadt said.
"Low code quality keeps haunting our entire industry. That, and sloppy programmers who don't understand the frameworks they work within. They're like plumbers high on glue," Mr. de Raadt said.
Microsoft, for example, has issued 68 security bulletins or alerts for its products in the past year, better than one a week. OpenBSD, which does not develop as many products as Microsoft, says only one vulnerability or hole has been found in its software in the past seven years. OpenBSD has been created largely through the work of volunteers over its seven-year existence.
kalau nak berita penuh klik sini (http://www.securitynewsportal.com/cgi-bin/cgi-script/csNews/csNews.cgi?database=JanY%2edb&command=viewone&id=72&op=t)
The U.S. military believes the work of a Calgary hacker may be its best bet to protect its computer networks from so-called cyber-terrorist attacks. And although Theo de Raadt is happy to have more than $2-million (U.S.) in research support from the U.S. military's research and development office, the source of that funding has made him more than a little uneasy. "I actually am fairly uncomfortable about it, even if our firm stipulation was that they cannot tell us what to do. We are simply doing what we do anyways — securing software — and they have no say in the matter," Mr. de Raadt said in a recent e-mail exchange. "I try to convince myself that our grant means a half of a cruise missile doesn't get built."
Although Microsoft Corp., whose Windows products are the world's dominant operating system products, and many other commercial software vendors are paying new attention to the security of their products, that renewed interest has done little to improve their products so far, Mr. de Raadt said.
"Low code quality keeps haunting our entire industry. That, and sloppy programmers who don't understand the frameworks they work within. They're like plumbers high on glue," Mr. de Raadt said.
Microsoft, for example, has issued 68 security bulletins or alerts for its products in the past year, better than one a week. OpenBSD, which does not develop as many products as Microsoft, says only one vulnerability or hole has been found in its software in the past seven years. OpenBSD has been created largely through the work of volunteers over its seven-year existence.
kalau nak berita penuh klik sini (http://www.securitynewsportal.com/cgi-bin/cgi-script/csNews/csNews.cgi?database=JanY%2edb&command=viewone&id=72&op=t)