| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <001a01c377c4$820b9b80$03fea8c0@Static> From: chrisw at cinci.rr.com (Chris Wanstrath) Subject: Office 2000 Vulnerability Killing a thief and putting him in jail are two radically different punishments and I think everyone can agree that if a thief steals a typical truck but the brakes are out, the potential unintended loss of human life is too high to simply ignore it and let the problem "solve itself," by means of the thief's death. And as far as applying security patches to pirated versions of Windows XP or Office, it's been my experience that there is no problem. My experience, however, is limited to a friend who lost (probably trashed) all of the literature and disks included with his computer. As a result, he thought it would be easier to burn a pirated copy of XP and use that instead of going out and buying another disk. I'm sure this probably violates his license agreement, but my point is that I know for a fact he never had any problems running the standard Windows Update after completely re-formatting and installing the pirate copy. Same with Office. -- Chris Wanstrath : chrisw@...ci.rr.com LW Consulting : www.lw-consulting.com -----Original Message----- From: full-disclosure-admin@...ts.netsys.com [mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Rainer Gerhards Sent: Wednesday, September 10, 2003 11:11 AM To: Jason Bethune Cc: full-disclosure@...ts.netsys.com Subject: RE: [Full-Disclosure] Office 2000 Vulnerability > Yes I have seen pirated copies on clients machines that can > have SP1 and SP2 > applied but it is tricky and not for the novice user. Once > SP1 and Sp2 have > been applied it can then be updated fully to all the > vulnerabilities. I am > sure there are tons of pirated copies floating around that > the usual user > would not have a clue on how to patch them. Whether it is up > to m$ to allow > these to be patched is a whole kettle of beans that I will > assume they would > say if you don't pay for it then $crew you. We are ourselvs selling software. Thus I know the issue. My point is that this way aren't the hurting the community at large more than the pirates? So they may screw the pirate, but in doing so they screw me, a legitimate customer. I also think this is not an MS-only issue. In fact, I need to think about our own policies in this regard... In the real world, would it be OK if you let a thief crush a truck because you know the brakes are broken but you don't tell him? What about the innocent victims that got hit by the truck? Rainer _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists