|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] Security discussion: Summary of proposals and criteria (was Re: Security vulnerability process, and CVE-2012-0217)
>>> On 03.08.12 at 19:31, George Dunlap <George.Dunlap@xxxxxxxxxxxxx> wrote: > Secondly, my original discussion had assumed that the risk during > "public vulnerability" for all users was the same. Unfortunately, I > don't think that's true. Some targets may be more valuable than > others. In particular, the value of attacking a hosting provider may > be correlated to the value to an attacker of the aggregate of all of > their customers. Thus it is simply more likely for a large provider > to be the targt of an attack than a small provider. Not necessarily - if the same attack works universally (or can be made work with very little additional effort), using it against many smaller ones may be as worthwhile to the attacker. Jan _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |