Re: CVE-2017-14482 - Red Hat Customer Portal

From: Emanuel Berg
Subject: Re: CVE-2017-14482 - Red Hat Customer Portal
Date: Mon, 25 Sep 2017 23:49:10 +0200

Mario Castelán Castro wrote:

> This is the prevalent attitude among
> programmers

Perhaps because it makes sense? It is known as
"conventional wisdom".

> we are showered by an endless stream of
> security patches and bug fixes.

Yes, and what is the problem with that?

>> If I'd send the space fleet to the oldest
>> galaxies of the universe, I'd like all
>> methods anyone could think of to make as
>> sure as possible the software is correct.
>> I'd start with very skilled and motivated
>> programmers, proceed with sound programming
>> practices, then code review, and then
>> excessive testing.
>> I suppose formal verification would be
>> a distant fourth.
> Well, then it is a very good thing that you
> are NOT in charge of designing that piece
> of software.

What do you mean "not in charge"?

