I find it amazing how bad Bill Gates is at interviews that he can let slip this little choice quote:
"You don't need perfect code to avoid security problems."
He then goes on to indicate that "firewalling and the other is called keeping the software up to date" will avoid security problems.
Well, firewalling won't work if the firewall code isn't `perfect' as it will have holes in it large enough to drive malicious stuff through.
And `keeping software up to date' is another way of saying `patching the holes we have in our not perfect code.'
Nice.
So we don't need perfect code, we just have to be willing to have other people protect imperfect code with their hopefully perfect code, and keep patching their imperfect code.
Posted by hugin at Octubre 31, 2003 01:38 PM