At 3:39 PM +0000 11/12/04, M Taylor wrote: >RISK Digest <http://www.risk.org/> (comp.risks) is about the closest, >although not security focused it does discuss system failures beyond >buffer overflows and TCP/IP protocol suite. It does not exclude familiar >risks (and documented failures) of buffer overflows, but extends into >numerous design related failures which can have security implications >which transcend any given platoform or language.
Oh, yes, I read that religiously, I just consider it on a different plateau than all the others :-) -- Larry Kilgallen