| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: sockz at email.com (sockz loves you) Subject: (no subject) ----- Original Message ----- From: "Matthew Murphy" <mattmurphy@...rr.com> Date: Sun, 18 Aug 2002 09:51:02 -0500 To: <full-disclosure@...ts.netsys.com> Subject: Re: [Full-Disclosure] (no subject) > >whitehat using outlook express. hehe, gotta love the irony in life. > > Your point? OE was free, and came installed on my machine (which was > important on my 28.8 kbps connection, which I have happily ditched now), > it's fast, and actually, OE 6 makes some nice security/privacy improvements > over previous versions, and I can access Hotmail from it, which is a plus. > Actually, if you keep your client patched (which us pretty easy with a > couple of apps named "wuauboot.exe" and "wuauclt.exe" from Microsoft that > *also* came conveniently installed as "Windows Update Automatic Update"), > and you have enough common sense not to go double clicking on every other > attachment you receive, OE is just as good as (and usually better than) many > mail clients. kids these days have no appreciation of just how fast the internet is. dude, i was downloading openbsd on a 33k modem only a few months ago... i dont see how your point is very valid. i mean, we're talking about an email client here, not an entire operating system. hotmail is as buggy as outlook express, and as for windows updates... well, i can honestly say that i'd rather patch windows myself, microsofts "updates" seem to cause more problems than they fix. perhaps outlook express is good. perhaps its not. i just found it funny that someone like yourself was actually using the product given its sullied reputation in the security industry. > I wouldn't be protected against it if the details weren't made public and > fixes made > available to me. Just FYI blaming the industry for the proliferation of > security info > is not a very good way to look at this. Vendors should have written secure > code > in the first place, so such vulnerability information would never have to be > distributed. incorrect. vendors are just human. do produce code that perfect you'd end up paying a whole lot more. my method works better. dont approach the whitehat community with your bug. go to the software developers directly. and no one else. that is, assuming you want to tell anyone at all... which i dont personally advocate but we have to be realistic here... some ppl wont let go of ethics, and i understand that. you're probably a good example. > Let me provide you with a rather incredible piece of information on this > subject -- > the list will *never* be moderated. Plain and simple. you have said this a number of times. as have other people. its not all that incredible. really. in fact i'm starting to wonder if this is the only line of defence you whitehats have. to cling to your precious list and scream in a whiney voice "we're not leaving". hell, i dont expect you to. thats far to simple a solution. > >glad to see we have another supporter then. > > I'm not planning on leaving any time soon... thats the spirit! *hands you a pint* *takes it back* you _are_ old enough to drink in your state, right? > These "phrack" idiots are spoiled children -- whine about everything, and > act like > they have some level of importance in the world by way of a pitiful attempt > to > destroy another sign of progress in information security. you dont read much do you, Matthew. i mean you're not into philosophy or sociology a whole lot are you, really. its a shame i dont have more time to explain in detail just how much of a difference the PHC will make in the long run. i'll try and make some time over the next few days to spell it all out for you. stay tuned :) > You referred to the list (the list *named* "Full-Disclosure", btw) as a > middle > ground between those in support of Full-Disclosure and those who aren't. I > don't think we would have named such at it is if it were a "middle ground", > correct? definitions change. discussions on *Full-Disclosure* to date have already covered this phenomena. embrace change, Matthew, dont push it away. > You don't have to be fighting a war to be determined, as is true in this > case. > I am (don't know about you) determined not to let a bunch of bored, anti- > social losers force this list into moderation. if that comment is supposed to be directed at me in some way, then i must protest. i'm not bored. in fact i'm taking time off work to post here so i'd appreciate a bit more respect thanks. and the reason why i am so damned anti-social is because i work harder doing what i do than you ever will. going *outside* is not something one considers when they're working 24hr schedules inside. > >oh i agree. i'm much prefer to see this list turned into an anti-whitehat > >discussion list. seems like much more of an appropriate place than a newer > >list for sure. i mean, this list is much more known than a list that > hasn't > >even been created yet. and its audience is probably more likely to be less > >fearful of involving itself, than say, if this list were renamed to > "WHITEHAT > >HOLOCAUST". dont you agree? > > You won't have a whole ton of support on that one, I'm afraid... (definitely > not any from me) :-) and i'm seeing this exemplified how? on the one hand you're saying you're not going to leave... on the other you say you're not going to support the list... i'm getting conflicting messages here, Matthew. -- __________________________________________________________ Sign-up for your own FREE Personalized E-mail at Mail.com http://www.mail.com/?sr=signup
Powered by blists - more mailing lists