[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <LAW11-OE30AbIRiHdNC0000346d@hotmail.com>
From: se_cur_ity at hotmail.com (morning_wood)
Subject: Re: I have fixes for the Geeklog vulnerabilities
>
> Overall, this is a textbook example of how NOT to handle security issues.
> By not contacting the developers, posting a report full of inaccuracies,
> and, in the end, mostly non-working examples, Lorenzo Hernandez Garcia-
> Hierro has caused uncertainty and confusion amongst the Geeklog users and
> basically wasted everyone's time, including that of the developers.
>
> Dirk Haun,
> Maintainer of the Geeklog 1.3.x branch,
> Geeklog Development Team
Do your own work then... or would you have prefered him
and whoever else he could tell to abuse Geeklog privatly until
you perhaps stumble across the issues? Disclosure helps everyone,
Any security disclosure is good, if you dont like it,
get out of the software business and sell toilet paper.
People like you and your attitudes will only keep
researchers ( and exploits ) underground...
where you obviously have your head.
( hint: pull it out )
Donnie Werner
E2 Labs Pvt Ltd
http://e2-labs.com
Powered by blists - more mailing lists