lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
From: pamatt at centrodiascolto.it (Paolo Mattiangeli)
Subject: Sasser author

I am responsible for security in a small business' network (50-or-so
machines, most of them running MS OSs). I have been aware of MSS bulletins
as soon as they where out, and made sure to apply patches as specified.
Sasser did nothing to my offices' network. But, on the other hand, I have a
single PC at home, one I don't use very much, and I often forget to deal
with security patches on that machine. Well - would you bet? - I got a
Sasser infection at home, which caused me the discomfort of a late-night
session of cleaning, disinfeting, patching and do on. I put the blame on me,
of course. But sure I could have spent that night doing something better,
chat-cheating the wife, reading a book, going to the movies and so on. So my
question is: what wrong did al this do to The Microsoft BEAST? It only did
some wrong to me and my personal life. I could have avoided that, but can't
I feel safe at home? Should I be satisfied at thinking that this guy is a
"social naive" whith no conscience of the consequences of his acts? Isn't
this what the law is meant for, to protect citizens and business from the
consequences of other people's acts?

Just another 0.02 worth comment in this thread, that is going stale IMO...

Paolo Mattiangeli


Powered by blists - more mailing lists