From owner-freebsd-security Tue Jun 25 6:40:29 2002 Delivered-To: freebsd-security@freebsd.org Received: from home.24cl.com (174.113.sn.ct.dsl.thebiz.net [216.238.113.174]) by hub.freebsd.org (Postfix) with ESMTP id 7F19D37B405 for ; Tue, 25 Jun 2002 06:40:22 -0700 (PDT) Received: from ntmm (unknown [63.119.50.193]) by home.24cl.com (Postfix) with ESMTP id 74FFB2B27E; Tue, 25 Jun 2002 09:40:20 -0400 (EDT) Message-ID: <200206250940210524.03A3F77E@sentry.24cl.com> In-Reply-To: <200206250625.QAA01010@caligula.anu.edu.au> References: <200206250625.QAA01010@caligula.anu.edu.au> X-Mailer: Calypso Version 3.30.00.00 (1) Date: Tue, 25 Jun 2002 09:40:21 -0400 Reply-To: myraq@mgm51.com From: "MikeM" To: avalon@coombs.anu.edu.au, ahl@austclear.com.au (Tony Landells) Cc: freebsd-security@FreeBSD.ORG Subject: Re: Hogwash Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On 6/25/02 at 4:25 PM Darren Reed wrote: > What benefit are we *really* getting from their "code audits" ? ============= We are getting the benefit of all the security bugs and issues that they *have* found and fixed before they were found by others. Do I expect the security audits to catch everything? No. To have that expectation would be unreasonable. Do I feel that proactive security is better than reactive security? Yes. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message