About me I found my first security holes in 1987 Created a team to audit all OpenBSD around 1996 Auditing has serious limits.. ... too much complexity to keep in mind So.. started a team to design & integrate a variety of MITIGATIONS Loudmouth Linus called us names; stopped his team from integrating many mitigations into his system See recent article in Washington Post.