Implementation vs. Design Defects

I got a comment to my last post that’s worth following up on: Can you comment on what percentage of defects you all are finding are implementation vs. design defects? It’s pretty clear that older code that doesn’t have buffer overflows isn’t going to all of a sudden have one. At the same time older…

Securing Existing Code

Just read Michael Howard’s post about differentiating secure features, security features and security response, found at http://blogs.msdn.com/sdl/archive/2007/12/17/security-is-not-all-about-security-updates.aspx, and wanted to offer some counterpoints. Overall, I’m in strong agreement with what he has to say – just because we’re still shipping bulletins and updates doesn’t mean we’re not making forward progress. For one thing, those of…

How to cause a regression

This one isn’t really security related, except that we security people often want to get rid of old stuff because it’s sometimes easier to disable it than to make it really robust. If only a few people use it, good attack surface reduction practices tell us that it should be off by default, maybe an…