On Jun 18, 2012, at 4:21 PM, Jon Callas wrote:
> Reviewers don't want a review published that shows they gave a pass on a crap
> system. Producing a crap product hurts business more than any thing in the
> world. Reviews are products. If a professional organization gives a pass on
> something that turned out to be bad, it can (and has) destroyed the
> organization.
I would really love to hear some examples from the security world.
I'm not being skeptical: I really would like to know if any professional
security evaluation firm has suffered meaningful, lasting harm as a result of
having approved a product that was later broken.
I can think of several /counterexamples/, a few in particular from the
satellite TV world. But not the reverse.
Anyone?
_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography