lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <LAW11-OE30AbIRiHdNC0000346d@hotmail.com>
From: se_cur_ity at hotmail.com (morning_wood)
Subject: Re: I have fixes for the Geeklog vulnerabilities

> 
> Overall, this is a textbook example of how NOT to handle security issues.
> By not contacting the developers, posting a report full of inaccuracies,
> and, in the end, mostly non-working examples, Lorenzo Hernandez Garcia-
> Hierro has caused uncertainty and confusion amongst the Geeklog users and
> basically wasted everyone's time, including that of the developers. 
> 
> Dirk Haun,
> Maintainer of the Geeklog 1.3.x branch,
> Geeklog Development Team

 Do your own work then... or would you have prefered him
and whoever else he could tell to abuse Geeklog privatly until
you perhaps stumble across the issues? Disclosure helps everyone,
Any security disclosure is good, if you dont like it,
get out of the software business and sell toilet paper.
People like you and your attitudes will only keep
researchers ( and exploits )  underground...
where you obviously have your head.
( hint: pull it out )


Donnie Werner
E2 Labs Pvt Ltd
http://e2-labs.com 


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ