Re: Integrating two solutions (related to the Calif. bill thread)

From: Arthur Keller <voting_at_kellers_dot_org>
Date: Thu Jan 22 2009 - 03:55:08 CST

At 8:03 PM -0800 1/21/09, Ronald Crane wrote:
>4. Please see the "Limitations of Many Eyes" thread here, begun by
>Brian Behlendorf on 5/19/08, about a study by David Wagner & Ping
>Lee, showing code review's unexpectedly-limited efficacy in finding
>intentionally-placed security flaws. Presumably review is even less
>efficacious in the functionally-obscure, often highly-concurrent,
>and lower-level-language environments that usually characterize
>firmware.

I'm wondering whether the approach in http://www.d50.org/ would have
made a difference in the Wagner, et al., study.

Best regards,
Arthur

-- 
-------------------------------------------------------------------------------
Arthur M. Keller, Ph.D., 3881 Corina Way, Palo Alto, CA  94303-4507
tel +1(650)424-0202, fax +1(650)424-0424
_______________________________________________
OVC-discuss mailing list
OVC-discuss@listman.sonic.net
http://lists.sonic.net/mailman/listinfo/ovc-discuss
By sending email to the OVC-discuss  list, you thereby agree to release the content of your posts to the Public Domain--with the exception of copyrighted material quoted according to fair use, including publicly archiving at  http://gnosis.python-hosting.com/voting-project/
==================================================================
= The content of this message, with the exception of any external 
= quotations under fair use, are released to the Public Domain    
==================================================================
Received on Thu Jan 7 00:09:49 2010

This archive was generated by hypermail 2.1.8 : Thu Jan 07 2010 - 00:09:57 CST