bobsneidar at iotecdigital.com
Thu May 25 22:41:49 CEST 2017
Agreed. I didn't mean to imply that because exploitable code is difficult to sus out, we shouldn't do due diligence in designing things with that in mind in the first place. I don't think Novell has ever been hacked into from the outside. It was written ground up with security, especially network security in mind. My point was that because spotting vulnerabilities in existing code is really REALLY REALLY etc... difficult, both for the hacker and the developer, we can never take the stance that, "Now we have found all the problems".
> On May 25, 2017, at 02:38 , Mark Waddingham via use-livecode <use-livecode at lists.runrev.com> wrote:
> The reality is that whilst exploiting a vulnerability in general is REALLY HARD (seriously, when I say REALLY HARD, I mean REALLY REALLY REALLY HARD and this is why you only tend to see exploits in things which have a very large reward for making that exploit - hackers have to consider ROI too!) - all they need is a vulnerability in the first place.
More information about the use-livecode