| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 19 Dec 2008 15:09:11 +0000 From: n3td3v <xploitable@...il.com> To: "James Rankin" <kz20fl@...glemail.com>, full-disclosure@...ts.grok.org.uk Cc: n3td3v <n3td3v@...glegroups.com> Subject: Re: Microsoft issues out-of-band patch On Fri, Dec 19, 2008 at 2:55 PM, James Rankin <kz20fl@...glemail.com> wrote: > "MI5 have their systems patched against > flaws that are not known about by other entities" > > Yeah, of course they do. because writing your own patches will definitely > make sure that your enterprise is properly supported and secured, and all > your mission-critical apps will continue to function. I remember someone > writing their own patch for an exploitable vulnerability a few years ago and > MS were quick to warn everyone thinking of using it that it would invalidate > their support agreements. Of course I am sure MI5 have their own versions of > their core operating systems, a support staff that can rewrite the entire NT > kernel, and aren't just part of the UK government's hugely-outsourced IT > function. > > Incidentally save your flames, I was doing my Friday spam clearout when I > saw this. > > Cheers, > > JJ The fact is this: It's not in the public interest for flaws to be known by the public, because one more flaw in public circulation is one less flaw to fight criminal and terrorist activity with. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists