On Wed, 05 May 2004 04:55:12 EDT, Lennart Damm <[EMAIL PROTECTED]> said:
> It would be interesting to draw security conclusions from past vulnerabilities and > accompanying solutions (patches, etc.). Here's a classic paper (the original Multics vulnerability analysis by Karger and Schell): http://www.acsac.org/2002/papers/classic-multics-orig.pdf Here's their 30-years-later retrospective: http://www.acsac.org/2002/papers/classic-multics.pdf Executive summary: We've learned somewhere between diddly and squat from 30 years of experience.
pgp00000.pgp
Description: PGP signature
