| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 11 Jan 2006 12:05:09 +0100 From: Denis Jedig <seclists@...eticon.de> To: Joe Polk <listuser.jav@...il.com> Cc: bugtraq@...urityfocus.com Subject: Re: Did MS pull an Ilfak? (MS patch bindiff results) Joe Polk wrote: > Actually, Ilfak never tested his patch on a Win 9x machine. Steve > Gibson, however, plans to write a patch for 95, 98, and ME if Microsoft doesn't. The patch Ilfak wrote can't work on a Windows 9x machine since it relies on technology that did not exist in Windows 9x. The idea that Gibson is going to "write" a patch for Windows 9x and save the mankind sounds pretty ridiculous. Even if there will be a patch for Windows 9x written by third parties *and* GRC happens to be one of them (or at least claims being one of them, probably the best and/or the only one), I am pretty confident that Gibsons solution is to be considered the least trustworthy one. He never published sophisticated software (and still there is no claim that he really wrote the software he publishes) and he apparently has absolutely no clue about the security implications he is talking about. GRC looks like a huge marketing bubble without *any* fundamental security researcher knowledge behind it. For more information on the status of the WMF vulnerability in Windows 9x i'd like to refer to an article by Swa Frantzen at SANS ISC: http://isc.sans.org/diary.php?storyid=1024 For more non-marketing information on GRC please refer to: http://www.grcsucks.com/ Regards, Denis Jedig syneticon networks GbR
Powered by blists - more mailing lists