| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Law11-OE68rMbzjqruz000044da@hotmail.com> From: se_cur_ity at hotmail.com (morning_wood) Subject: GUNINSKI THE SELF-PROMOTER >Last year, when Guninski discovered a security hole inside Microsoft's >Office XP, he informed the company about his discovery, waited 14 days, >then published instructions on how it could be exploited. > >Not enough time > >Microsoft said that wasn't enough time to issue a patch. And, frustrated >with the entire full-disclosure principle, it began using such situations >to bolster arguments that the entire bug-reporting system needs an overhaul i think an email acknowledging the person would proaly keep most from publishing, generally that is where the frustration lies, not in a fast patch, but a simple "thank you" or "could you help us" "thank you, we will see to it we mention you for bringing this to our attention" ... its not like we want $1,000,000. some of us compete in an employment market wrought with book educated admins making 6 figure incomes, and we are digging out thier mistakes. Just because someone don't look good on resume doesnt mean they should not be highly sought after. I personaly would be proud to have Mr Gudinski , or Mitnick and of the others on my payroll anyday Donnie Werner http://nothackers.org/about.php
Powered by blists - more mailing lists