| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <43BDB605.9010003@linuxbox.org> Date: Fri, 06 Jan 2006 02:12:53 +0200 From: Gadi Evron <ge@...uxbox.org> To: Adrian Marsden <amarsden@...det.org> Cc: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com Subject: Re: what we REALLY learned from WMF Adrian Marsden wrote: > This is a silly post.... What are you trying to prove? That in some cases a company can test a patch quicker than in others? > > MS understood the issue, promised a fix on their scheduled date and did better than expected.... So you criticise them.... > > Way to go.... Make it so they can never win.... then they won't bother... and we all know who suffers then.... I may chose MS as an example that companies CAN do better. I believe this "fluke" gave us the perfect example of how security incidents should be handled. Why should we now settle for less? Naturally, each problem has its own issues and time demands. That doesn't change the fact of the matter. Gadi. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists