lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Pine.LNX.4.58.0402041219320.29242@thrush.doc.ic.ac.uk>
Date: Wed, 4 Feb 2004 12:27:36 +0000 (GMT)
From: Philip Rowlands <phr@....ic.ac.uk>
To: Larry Seltzer <larry@...ryseltzer.com>
Cc: bugtraq@...urityfocus.com
Subject: Re: Hysterical first technical alert from US-CERT


On Tue, 3 Feb 2004, Larry Seltzer wrote:

>I just got the alert below from US-CERT. It's one of the new lists they
>started. Some things about it bother me.
>
>First, it's dated 1/28, the day MyDoom.B was discovered, and the
>message sent field says that too; other dates in the headers disagree.
>
>Second, and more to the point, it takes an extreme view of MyDoom.B
>that nobody else is supporting, including the sources they cite.
>MyDoom.B is a flop.
>
>Am I misreading something? Did anyone else get this on 1/28?

Yes; everyone subscribed to the [Carnegie Mellon] CERT/CC list. It's
been swallowed by US-CERT:

http://www.cert.org/advisories/us-cert-announcement.html

however...

"significant changes to CERT Advisories that will not only maintain the
accuracy and fairness that are the hallmarks of CERT Advisories, but
will also provide more information about more topics than before"

and

"We will maintain the same high quality control standards, edit content
for security and privacy, and work to ensure technical accuracy as well
as timeliness."

Thank DoHS for that!


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ