lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
From: mole at morris.net (Paul J. Morris)
Subject: Class-action suit points to Microsoft security flaws

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Thu, 2 Oct 2003 15:47:26 -0400
"Richard M. Smith" <rms@...puterbytesman.com> wrote:
> Class-action suit points to Microsoft security flaws
> http://news.com.com/2100-1009-5085730.html 
> The lawsuit, filed Tuesday in Los Angeles Superior Court,
> also claims that Microsoft's security warnings are too complex to be
> understood by the general public and serve instead to 
> tip off "fast-moving" hackers on how to exploit flaws in its operating
> system.
   Rather disturbing.  Much as I approve of the rest of the complaint,
it sounds like amicus curiae briefs from the security community are
needed in support of Microsoft on this particular issue.  I find
Microsoft security warnings to usually be not detailed enough and
generaly rely on the rest of the security community for workarounds and
information and tools to verify whether Microsoft's patches have
actually resolved a problem.  This list is indeed based on the principle
that full disclosure of the details of vulnerabilities is fundamental to
maintaining secure systems. 
- -Paul
- -------------
Paul J. Morris  mole@...ris.net
Biodiversity Information Manager, The Academy of Natural Sciences
1900 Ben Franklin Parkway, Philadelphia PA, 19103, USA
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQE/fab+eqkk3tLUswERAqOpAJ0fl41FF2/M36+jXx6Q4kT1w67YMQCghhGC
pV4NIfpuETQ8JfLAq0ipKBo=
=PsWF
-----END PGP SIGNATURE-----


Powered by blists - more mailing lists