lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <871080DEC5874D41B4E3AFC5C400611E029129CC@UTDEVS02.campus.ad.utdallas.edu>
From: pauls at utdallas.edu (Schmehl, Paul L)
Subject: it's all about timing

Ask yourself this question.....how many weeks of advance notice to the
vendors will it take to make you lawsuit-proof?

If you're at all intelligent, you'll realize there's no right answer to
that question.  It depends on how pissed the vendor is, how much cash
they have laying around, how much work their lawyers have, how much the
publicity hurts, etc., etc., etc.

It would be nice, in a perfect world, to have everyone adapt rfp's
disclosure guidelines, but it ain't gonna happen.  Not in this world.
And do you really think a hacker in, say the Netherlands, gives a rats
ass about a lawsuit in America?  (Or vice versa?)

Paul Schmehl (pauls@...allas.edu)
Supervisor of Support Services
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/~pauls/


> -----Original Message-----
> From: Florin Andrei [mailto:florin@....com] 
> Sent: Wednesday, July 31, 2002 4:27 PM
> To: bugtraq@...urityfocus.com
> Cc: full-disclosure@...ts.netsys.com
> Subject: [Full-Disclosure] it's all about timing
> 
> 
> (i'm going to go a little bit further from the HP/Snosoft 
> case, so don't be surprised if some of the statements below 
> do not fit 100% in that
> case)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ