lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: WChang at pickatime.com (Wayne Chang)
Subject: U.S. military helps fund Calgary hacker with $2.3 million

"Only one remote hole in the default install, in more than 7 years!"

I take it that it means there has been only one remote hole in the default
install a one 7-year stretch, whether that includes this year or not, it
doesn't say.

1990-1997 is a 7-year stretch.
1991-1998 is a 7-year stretch.

By default install, it means the default install of any openbsd in that
7-year stretch, not specific on one.

It's pretty tricky that the marketting strategists over there wrote up that
sentence, but if it sells one more license, then so be it.

Wayne Chang
Pacific Northwest Software
----- Original Message -----
From: "Pekka Savola" <pekkas@...core.fi>
To: "Blue Boar" <BlueBoar@...evco.com>
Cc: <guninski@...inski.com>; <full-disclosure@...ts.netsys.com>
Sent: Monday, April 07, 2003 3:37 PM
Subject: Re: [Full-Disclosure] U.S. military helps fund Calgary hacker with
$2.3 million


> On Mon, 7 Apr 2003, Blue Boar wrote:
> > I'd be willing to give Theo the benefit of the doubt
> > that the author misunderstood the "Only one remote hole in the default
> > install, in more than 7 years!" claim of the OpenBSD team.  Unless you
> > think that claim is also untrue.
>
> That claim is certainly untrue.
>
> If you take a default install from 7 years back, you certainly have more
> remote holes, in services that have since been removed from the default
> install -- looking 7 years back from *current* default install, not
> default install *7 years back*.
>
> --
> Pekka Savola                 "You each name yourselves king, yet the
> Netcore Oy                    kingdom bleeds."
> Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ