| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: guninski at guninski.com (Georgi Guninski) Subject: http://security.tombom.co.uk/moreshatter.html CC'ing secure@...rosoft.com to throw some light on this. secure@...rosoft.com: Are you taking this seriously? Really really seriously? Or are some application writers irresponsibly writing insecure code which opens windows on windows - like in "net send 127.0.0.1 lol" ? Georgi Guninski http://www.guninski.com Schmehl, Paul L wrote: > Interesting. I had a lengthy email argument with a MS rep about > shatter. He swore up and down that it wasn't a MS problem, but a bad > applications programmer problem. He finally grudgingly admitted that MS > probably shouldn't make it so easy to be a bad applications programmer > and said he would forward my concerns to MS Security. Maybe now they'll > actually take the issue seriously (yeah, right!) > > Paul Schmehl (pauls@...allas.edu) > Department Coordinator > The University of Texas at Dallas > AVIEN Founding Member > http://www.utdallas.edu/~pauls/ > > > >>-----Original Message----- >>From: Georgi Guninski [mailto:guninski@...inski.com] >>Sent: Tuesday, September 17, 2002 4:56 AM >>To: full-disclosure@...ts.netsys.com >>Subject: [Full-Disclosure] >>http://security.tombom.co.uk/moreshatter.html >> >> >>http://security.tombom.co.uk/moreshatter.html > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html > >
Powered by blists - more mailing lists