lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
From: dhtml at hush.com (dhtml@...h.com)
Subject: public comment period for the Draft Security Vulnerability Reporting and Responding Process (OISAFETY)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


>is
>the result of a lengthy collaboration between leading security
>researchers and  software vendors.  We have worked hard to develop

Ah yes, yet another feeble attempt to generate income in a dwindling
internet economy. Boy, what a rag tag team of losers wo came up with
this idea. Wasn't this Christey's mission last year as well?

Let's see -

@stake
BindView,
Foundstone,
Guardent,
Internet Security Systems,
Network Associates
Symantec
Microsoft
SGI
Oracle
Caldera International (The SCO Group)

Well, @stake are basically useless. What do they put out maybe 3 times
a year, some puny advisory about apple aiport, or GSM blinking lights
or something? They've been in Microsofts back pockets from day one.
Their position and interest is understood.

Bindview. Not sure what their ulterior motives are, certainly the money
@stake now and in the future. They;re somewhat neutral. Strictly bizziness
I think.

Foundstone, ha ha ha, if anyone made their moolah of Microsoft, its these
guys. Shiney clean prep boys churning out books every opportunity they
can, lead gold certified security "associates" of Microsoft. No doubt
the biggest recipient of Billy Boy's bones.

Guardent. Bah, wannabees. Also seeking some fame and money.

Internet Security Systems. ha ha ha ha. Say, quick, no one's looking
lets throw out an Apache vuln. No credibility, only interested in hooking
in to sell their zuper zophisticated zoftware. Will change colors for
the drop of a dime.

Network Associates. What? Yeah right. Wouldn't know security if it bit
them on their bloated virus software. Notorious glamour group, will seek
out the spot light whereever possible. Along for the ride on this one.

Symantec. Ho Ho Ho. Had to buy bugraq to know what security means. Only
along for the ride because NAI is there.

SGI. Maybe embarrassed once too often.

Oracle. Definitely embarrassed more than once too often. Hell, what do
you expect when you get an ugly twat to do a man's job. "Unbreakable"
we swear by it ha ha ha. "You have some researchers who think that if
a vendor can't fix things right away, they think they are lazy," said
Mary Ann Davidson, quit whining sweetie and hike down your inch thick
nylons so we can take a peek at what's under there :)

Caldera International (The SCO Group). I'll sue you, I sue you. Yeah,
in bed with Billy Boy now and toeing the line. Boy oh boy, what money
can do.

and last of all...

Microsoft. Well, well, well. What have we here. The utimate churn mill
of garbage product. The miser who counts his 80 billions in cash while
the ships he just sold all sink. Ha ha ha ha ha. Trustworthy Computing.
Let's flash our billions around, gather up the groups above, bury our
problems from the public and hope they go away. Say, lets create new
Microsoft Security Certificates (rotfl), sell them, authorise the groups
above to dispense them, steer security business their way, if they just
all play along. The centuary's most inept company, riddled with criminial
charges but government after government, losing market share to open
source international faster than you can throw a pie in the owner's face.
Lookee here, our old friend Scotty Gulp, still singing the same old song
"Confusion, when dealing with vulnerabilities, ends up hurting the people
we are trying to protect: the users." Confusion? What confusion. You
make garabge, sell it to people, it breaks and they cannot get a refund.
Here's an idea Gulpy, instead of designating 10 guys to count 8 billion
dollars every day, get a billion guys for 80 dollars to pour through
your code. HUH? DUH!

And so we have it, the transparent bunch of lame numbnuts out to make
a few more pennies, all under the guise of security and "trying to protect:
the users" --- BILL SHIT I SAY! You don't care, everything you do and
make is sugar coated garbage. Shiny "neat" "cool" "gadgets" and "gizmos"
put together with perforated paper, just waiting to tear.

Get real, the whole lot of you. Your stupid idea will never work. What
is the enforcement. NOT being credited by Micorosoft in their bulleting.
Yeah, that's a REAL incentive that is. Not get a cute little plaque or
cute little certificate stating you played by the rules? What exactly
are you going to give all the people who slave over your shitware and
find all the problems you intentionaly miss, intentionally because its
too expensive to take that second look.

Quit churning out shit, quit hording your money,  quit whining about
the free research you continue to receive, quit pointing your weasel
fingers every other way...

FIX YOUR OWN FUCKING PRODUCTS BECAUSE WE SURE AS HELL AIN'T GONNA PLAY!




- --

-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 2.3

wkYEARECAAYFAj7ewiIACgkQTAj0ZSCgbx7jCwCfX9iYAQ59ulZtoCaDd3qwgvlTUHoA
njWy84qONijSiSNn2Zw1laQPUMn9
=9wd5
-----END PGP SIGNATURE-----




Concerned about your privacy? Follow this link to get
FREE encrypted email: https://www.hushmail.com/?l=2

Free, ultra-private instant messaging with Hush Messenger
https://www.hushmail.com/services.php?subloc=messenger&l=434

Big $$$ to be made with the HushMail Affiliate Program: 
https://www.hushmail.com/about.php?subloc=affiliate&l=427

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ