| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <200211250540.gAP5e2113761@www.addresses.com> From: hggdh at attbi.com (HggdH) Subject: Blackhats, Check this website out. This is HggdH, I have just visited a website I thought you might be interested in. The site is Addresses.com - The Largest email directory and database on the Internet and is located at http://www.addresses.com I thought you might like to check it out, it's pretty cool! . From: \"Paul Szabo\" <psz@...hs.usyd.edu.au> . To: <bugtraq@...urityfocus.com>; <full-disclosure@...ts.netsys.com> . Sent: Friday, November 22, 2002 04:36 . Subject: [Full-Disclosure] MS02-065 vulnerability . . (...) . . Is this what Microsoft calls \"responsible disclosure\"? . . (...) Please note they do recognise it, and also state that one should trust *noone*, including Microsoft. Quoting: \"What steps could I follow to prevent the control from being silently re-introduced onto my system? The simplest way is to make sure you have no trusted publishers, including Microsoft.\" I do think this is \"responsible disclosure\". Even more: I think they did the right thing, when stated it. Would you rather have Microsoft *not* stating it? The only point I think should be made here is that Microsoft should have stated it clear and loud -- perhaps on it\'s own Security Bulletin. How many people really go and read it? After all, Microsoft is actually saying \"do not trust me\". The real interesting part, for me, is that the trust on the trusting mechanism has been shattered. Finally. .
Powered by blists - more mailing lists