lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <611105799.20030112134612@inet-sec.org>
From: orochford at inet-sec.org (O.C.Rochford)
Subject: Fwd: fuck symantec & boycott bugtraq

hello

that is quite frankly a lot of bollocks.

fact is that you can't research everything yourself, the amount of
information is just too great, all this does is remove a place where
peoples own research can be speeded up without having to reinvent the
wheel, as well as sharing the findings of research.

If you are saying you can audit the code of a whole OS yourself, than
you must be a code god, and all of these people who bitch about
"sciptkiddies" and the like just stealing other people's research
should only say so if they have never made use of these sources
themselves.
You have to start somewhere to learn, and you have to be able to pool
resources to share the load in auditing the amount of code and
programs available today.

regards
O.C.Rochford



Saturday, January 11, 2003, 10:00:08 PM, you wrote:

r> -----BEGIN PGP SIGNED MESSAGE-----

r> [Full-Disclosure] Fwd: fuck symantec & boycott bugtraq 

>>(snip) They went out of their way 
>>to intentionally remove a feature from the public database.  It's not
>>like they've decided it's too much work to keep maintaining or 
>>something, they've got paying customers for the commercial version.  
>>I can only imagine that this was a policy decision because Symantec 
>>didn't want to be seen as hosting the exploits they are trying to 
>>protect their customers against.  Same reason they don't make 
>>malicious code samples available to the public.

r> Corporate ass-covering and profiteering at its worst. No great shock
r> there. 

r> Not that any of this matters, in the long run: the only people this is
r> going to impact in the slightest are script kiddies (the standard
r> variety, as well as hidebound ""professionals"" firmly attached to the
r> corporate teat) too stupid or lazy to research the information
r> themselves. The community will adapt, one way or another. Those left
r> behind will have only themselves to blame.


r> I say anything which speeds up the Darwinian course of events can only
r> be a good thing. Let's hear it for natural selection. 

r> Ratel.

r> ***


r> "Americans used to roar like lions for liberty. Now we bleat
r> like sheep for security." - Norman Vincent Peale.


r> -----BEGIN PGP SIGNATURE-----
r> Version: MailVault 2.2 from Laissez Faire City http://www.mailvault.com

r> iQA/AwUAPiCT0uYNtyh3zif9EQJSRwCfSrfi9LtzXPMa9mHKxso+BtGVMF4AoJDe
r> qq50xusT9pgg4K4OKm/ucoUK
r> =A4oR
r> -----END PGP SIGNATURE-----



-- 
Best regards,
 O.C.Rochford                            mailto:orochford@...t-sec.org

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ