| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20030702122150.GA10314@eiv.com> From: smcmahon at eiv.com (Shawn McMahon) Subject: Microsoft Cries Wolf ( again ) On Tue, Jul 01, 2003 at 05:58:10PM -0500, Schmehl, Paul L said: > > before code is released. (OpenBSD has been doing this for years, and > look at the results.) Trojaned release of OpenSSH because the project leader ran a horribly-coded IRC client on the CVS server? A string of exploits in OpenSSH? What they're doing is necessary, but it's not sufficient. Call it a good step one. (And lest anybody think I'm flaming OpenBSD here, it's a step one that hardly anybody else has taken. They're way ahead of the curve.) Step two is probably reducing complexity, but I'm a weak coder so I'll shut the eff up now. -- Shawn McMahon | Let every nation know, whether it wishes us well or ill, EIV Consulting | that we shall pay any price, bear any burden, meet any UNIX and Linux | hardship, support any friend, oppose any foe, to assure http://www.eiv.com| the survival and the success of liberty. - JFK -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030702/99fc4dc0/attachment.bin
Powered by blists - more mailing lists