lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <3DCA66FF.6080000@guninski.com>
From: guninski at guninski.com (Georgi Guninski)
Subject: Security Industry Under Scrutiny: Part One

sockz loves you wrote:
> * whitehats should contact vendors and not public forums as only the vendors can
>   release an update.

This is false. In open source, everyone has the chance to produce a patch, and I 
have done it a few times, not being a vendor.
Why contact vendors if you don't like them and their license agreement sux?
You obviously don't like whitehats, but you don't contact whitehats in private 
in order to change them. Same goes in real world, if you don't like politicians 
for example.

georgi

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ