lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
From: mole at morris.net (Paul J. Morris) Subject: Class-action suit points to Microsoft security flaws -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 2 Oct 2003 15:47:26 -0400 "Richard M. Smith" <rms@...puterbytesman.com> wrote: > Class-action suit points to Microsoft security flaws > http://news.com.com/2100-1009-5085730.html > The lawsuit, filed Tuesday in Los Angeles Superior Court, > also claims that Microsoft's security warnings are too complex to be > understood by the general public and serve instead to > tip off "fast-moving" hackers on how to exploit flaws in its operating > system. Rather disturbing. Much as I approve of the rest of the complaint, it sounds like amicus curiae briefs from the security community are needed in support of Microsoft on this particular issue. I find Microsoft security warnings to usually be not detailed enough and generaly rely on the rest of the security community for workarounds and information and tools to verify whether Microsoft's patches have actually resolved a problem. This list is indeed based on the principle that full disclosure of the details of vulnerabilities is fundamental to maintaining secure systems. - -Paul - ------------- Paul J. Morris mole@...ris.net Biodiversity Information Manager, The Academy of Natural Sciences 1900 Ben Franklin Parkway, Philadelphia PA, 19103, USA -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE/fab+eqkk3tLUswERAqOpAJ0fl41FF2/M36+jXx6Q4kT1w67YMQCghhGC pV4NIfpuETQ8JfLAq0ipKBo= =PsWF -----END PGP SIGNATURE-----
Powered by blists - more mailing lists