[SC-L] Economics of Software Vulnerabilities
Crispin Cowan
crispin at novell.com
Mon Mar 19 15:00:09 EST 2007
Gary McGraw wrote:
> I'm not sure vista is bombing because of good quality. That certainly would be ironic.
>
> Word on the "way down in the guts" street is that vista is too many things cobbled together into one big kinda functioning mess.
I.e. it is mis-featured, and lacks on some integration. This is a
variation on not having desired features. And there certainly are big
features in Vista that were supposed to be there but aren't (most of
user-land being managed code, relational file system).
It is also infamously late.
So if the resources that were put into the code quality in Vista had
instead been put into features and ship-date, would it do better in the
marketplace?
Sure, that's heretical :) but it just might be true :(
Crispin, now believes that users are fundamentally what holds back security
--
Crispin Cowan, Ph.D. http://crispincowan.com/~crispin/
Director of Software Engineering http://novell.com
AppArmor Training at CanSec West http://cansecwest.com/dojoapparmor.html
More information about the SC-L
mailing list