| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: Glenn_Everhart at bankone.com (Glenn_Everhart@...kone.com) Subject: grsecurity: Another one bites the dust... Anybody know what the patent claims are? Some of the descriptions of grsecurity sound an awful lot like technology I developed for VMS and published in the late 1990s in the Safety program (still available, free) or documented as trivial extensions (rate limits). A brief description of the Safety program is at http://users.rcn.com/gce in case there is a wish to see what it has in a very limited way. It assumes the VMS ACL system of course, and some of the other security goodness in VMS, but gets fairly tricky in other ways. The rate limiting idea was something I have described as a useful feature for at least the past 6-7 years and can be found here and there in my mails and some bits of publications (DECUS sigtapes mainly). At any rate, it is possibly prior art and publication, and was certainly released to the public and should be useful in defending claims that functions it provides could be patented by someone else. At one time I wanted to sell Safety, but gave up on that and just published the sources several years ago. The documents had been published when it was first implemented (along about 1995). While there is a bunch of other stuff in grsecurity that is not in Safety it is probably worth while to keep aware of what has been published (even in publications that (alas) seem to have narrow circulation) so that if someone claims patents on some of those functions, the patents can be disputed. Glenn Everhart -----Original Message----- From: Jeff [mailto:jeff@...r.net] Sent: Monday, March 31, 2003 10:14 PM To: full-disclosure@...ts.netsys.com Subject: [Full-Disclosure] grsecurity: Another one bites the dust... http://www.grsecurity.net Looks like another big company screwed over a team of innocent developers. It's a shame, grsecurity had so much promise. Figures. -jeff _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html ********************************************************************** This transmission may contain information that is privileged, confidential and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format. Thank you **********************************************************************
Powered by blists - more mailing lists