The Problem With Current Security Assesments
"On one end: highly formal assurance
Common Criteria:
Extremely expensive: about $1M for initial assessment
Meaningless answer:
3 bits: EAL0-7
A “high assurance” OS can be rooted the next day by a buffer overflow
So how much of this is “enough”?
"On the other end: Bugtraq Whack-a-mole
Chronic chain of “gotcha” vulnerability disclosures
Each disclosure tells you that you are not secure, but when you are secure is undecided
Not very helpful :)