y fix something than what they've had to spend in the past to
get it fixed. So it seems that you would only have 1 shot at being right,
but a million shots at being wrong. And if you ever were wrong, they would
blame you. It seems like a one-off potential win scenario to me.
t
From: Cra
Actually, you CAN *guarantee* software. There are program verification
techniques that do test all possible paths. These do not stop implementation
errors, but you can make secure software.
The issue is the economics. Formal verification and repair costs from 10 to
100 times the initial cost of de
Sorry, French yes, but Spanish no.
Craig
--
Throw a coconut? Craig, did you throw a coconut at me? Or did Val throw
a coconut at me? I feel a Monty Python joke coming on.
Rosa, I don't speak Spanish, so I don't know what that really means.
Exactly,
As Valdis has stated, we want economic optimality. Valdis has stated this in
a far easier to understand manner than I.
I will publish a financial model on the blog this weekend that displays the
relationships graphically.
Regards,
...
Dr. Craig S Wright <http://
ssing, they are
valuable. If they save money, they are valuable.
Regards,
...
Dr. Craig S Wright GSE-Malware, GSE-Compliance, LLM, & ...
Information Defense Pty Ltd
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-
> -Original Message-
> From: valdis.kletni...@vt.edu [mailto:valdis.kletni...@vt.edu]
> Sent: Wednesday, February 10, 2010 1:17 PM
> To: craig.wri...@information-defense.com
> Cc: Thor (Hammer of God); 'full-disclosure'; pen-
> t...@securityfocus.com; security-bas
point 1 and
then we can move to point 2.
Contracts require definition. You have to supply the products as a list.
This is not, I would think, a difficult task. As stated, I have a 95%
confidence interval set for this.
Regards,
...
Dr. Craig S Wright GSE-Malware, GSE-Compliance, LLM, & ...
l be encrypted. Your goal is to
obtain a file from the BI app. You can have up to 6 months to do this.
The selection of 100 software products to be modelled remains outstanding.
I have this as Tim's first task. So that I can get the contract authored, he
needs to make this selection.
Regard
to weasel.
Regards,
...
Dr. Craig S Wright GSE-Malware, GSE-Compliance, LLM, & ...
Information Defense Pty Ltd
From: Thor (Hammer of God) [mailto:t...@hammerofgod.com]
Sent: Wednesday, 10 February 2010 3:59 PM
To: craig.wri...@information-defense.com; valdis.kletni...@vt.edu
Cc: p
ramework holds. Stop trying to weasel.
Regards,
...
Dr. Craig S Wright <http://gse-compliance.blogspot.com/> GSE-Malware,
GSE-Compliance, LLM, & ...
Information <http://www.information-defense.com/> Defense Pty Ltd
From: Thor (Hammer of God) [mailto:t...@hammerofgo
put up.
"calculating the risk of compromise?"
The second part is 50 systems that are set up and run. I model risk and we
see if this matches the systems as predicted.
Regards
...
Dr. Craig S Wright GSE-Malware, GSE-Compliance, LLM, & ...
Information Defense Pty Ltd
-Original Mess
That is, it becomes less secure over time and as users are added.
" even though it has just been shown to only affect a very small section of
the overall product lifecycle "
Actually, you have taken one small example and extrapolated this into what
you believe my
ation on a system is derived as with
dependence and path.
Please, as stated, choose the 100 software applications.
Regards,
...
Dr. Craig S Wright GSE-Malware, GSE-Compliance, LLM, & ...
Information Defense Pty Ltd
-Original Message-
From: Thor (Hammer of God) [mailto:t...@hammerofgod.
the people who can veto a choice if the software is obscure.
I shall be listing these in the contract that we will each sign as a deed.
Regards,
...
Dr. Craig S Wright GSE-Malware, GSE-Compliance, LLM, & ...
Information Defense Pty Ltd
From: Thor (Hammer of God) [mailto:t...@hammerofgo
the software code"
When you can get MS to give me their code this may be an issue, but it is
not as yet.
Regards,
...
Dr. Craig S Wright <http://gse-compliance.blogspot.com/> GSE-Malware,
GSE-Compliance, LLM, & ...
Information <http://www.information-defens
nd 45 of the 50 systems have to lie within my predicted range that
I calculate and release. "Thor" has to simply guess better than I do no
matter how far out he is.
I will put up $10,000 Au for my side. Let's see if "Thor" has something real
to offer.
Regards,
...
Dr. Craig
here are all the lives being lost through a banking app?
"Surely as the most highly certified security professional in the world you
don't need me, a mere working stiff, to find you a sponsor."
If you want me there, yes. I work by the hour, I am not going to waste time
paying for this "
ing and the latter requires better modelling.
Welcome to the future, there will be math.
Regards,
...
Dr. Craig S Wright GSE-Malware, GSE-Compliance, LLM, & ...
Information Defense Pty Ltd
-Original Message-
From: Thor (Hammer of God) [mailto:t...@hammerofgod.com]
Sent: Wedne