| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 7 Jul 2012 17:06:45 +0300 From: Georgi Guninski <guninski@...inski.com> To: Peter Dawson <slash.pd@...il.com> Cc: "full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk> Subject: Re: How much time is appropriate for fixing a bug? On Fri, Jul 06, 2012 at 01:24:44PM -0400, Peter Dawson wrote: > Thor (Hammer of God) : <If and when they fix it is up to them.> > > so if vendor don't fix it /ack the bug.. then what ?? > Responsibility works both ways.. Advise the vendor.. if they say fuck it.. > I say fuck u.. and will advise the community ! > > There is a responsibility to disclose a venerability to the community so > that they can take down/block /deactivate a service . > > ".All that is necessary for the triumph of evil is that good men do > nothing. " -whoever ..fuck it ! > > /pd > > vendors know better, the messenger is guilty. design flaws are hard and expensive to fix, lol. there is time for fixing and there is time for breaking any vendor will tell you. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists