lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
From: phc at hushmail.com (phc@...hmail.com)
Subject: Organization for Internet Safety (OIS) formally announced

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

PHC is very happy about this move by Microsoft and other companies
such as Symantec/SecurityFocus.

The FAQ is a 180 degree turn on what they promoted in the past in order to
stuff their pockets and tend to their bottom line, but at least their new
self-serving and highly lucrative endeavour no longer conflicts with our own
interests. Get rid of 'proof of concept' code. Idiots shouldn't have this
spoonfed to them on the lists.

Keep up the good work Microsoft. We were all pulling for you.

And SecurityFocus, congratulations on deceiving the public sheep for so
long...  convincing them you had the innocent Netizen's interests at heart
while your profit margin widened as a result of your mastery of capitalizing
on insecurity, scare tactics, and FUD. Little did they know how corrupt and
criminal you were, but at least now that you've jumped into bed with
Symantec and Microsoft you can unashamedly spread your corporate wings and
soar without fear of reprisal by those who knew what you were up to all
along.

It is a glorious day indeed. We're looking forward to a few months from now
when there'll be only tumbleweeds blowing across The Land of Bugtraq, and
when Dug Song can go back to his monkey stomp parachute float drops from
Crip monuments in Detroit (Dug Song hacks).

cu


On Mon, 30 Sep 2002 19:48:42 -0700 "Steven M. Christey" <coley@...us.mitre.org> wrote:
>
>For those of you who care about vulnerability disclosure issues,
>the
>"Organization for Internet Safety" (OIS) formally announced its
>existence.  This is the same group of security and software companies
>that has been discussed in past months.
>
>The founding members are: @stake, BindView, Caldera International
>(The
>SCO Group), Foundstone, Guardent, ISS, Microsoft, NAI, Oracle, SGI,
>and Symantec.
>
>Note that my employer, MITRE, is not a member of OIS.  This often
>causes confusion because I have been involved in writing documents
>that OIS may use as part of their own policies.
>
>Some articles are at:
>
>  http://www.theregister.co.uk/content/55/27312.html
>
>  http://www.eweek.com/article2/0,3959,558881,00.asp
>
>The OIS home page is at:
>
>  http://www.oisafety.org
>
>A FAQ is at:
>
>  http://www.oisafety.org/about.html
>
>
>The FAQ should be of high interest to anybody who does vulnerability
>research.
>
>- Steve
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.netsys.com/full-disclosure-charter.html
>

-----BEGIN PGP SIGNATURE-----
Version: Hush 2.2 (Java)
Note: This signature can be verified at https://www.hushtools.com/verify

wlgEARECABgFAj2Zmy4RHHBoY0BodXNobWFpbC5jb20ACgkQ0rw64nEc6GJLvACgjiBp
d39siuZjFZhs8T6o8H52zDcAn0ofQyvCBJX3yZe3i5QU7odkp24v
=hv4E
-----END PGP SIGNATURE-----




Get your free encrypted email at https://www.hushmail.com

Powered by blists - more mailing lists