lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
From: joel at helgeson.com (Joel R. Helgeson)
Subject: IE Changes / Software Patents

Does anyone care to wager how many security vulnerabilities Microsoft will
create by making this change?

Joel R. Helgeson
Director of Networking & Security Services
SymetriQ Corporation

"Give a man fire, and he'll be warm for a day; set a man on fire, and he'll
be warm for the rest of his life."
----- Original Message ----- 
From: "Rainer Gerhards" <rgerhards@...adiscon.com>
To: <full-disclosure@...ts.netsys.com>
Sent: Tuesday, October 07, 2003 2:36 PM
Subject: [Full-Disclosure] IE Changes / Software Patents


> I just found a very interesting effect of software patents:
>
> http://www.microsoft.com/presspass/press/2003/oct03/10-06EOLASPR.asp
>
> As was posted on this list not so far ago, Microsoft lost a case against
> Eolas on some aspects of ActiveX embedding in IE. Their technical
> reaction is a good sample of what software patents cause:
>
> http://msdn.microsoft.com/ieupdate/activexchanges.asp
>
> In short
>
> - a lot of web pages are broken (even PDF should not work in all cases)
> - the user will become educated to press OK on popups even more often
> - wild workarounds are created (base64 encode the parameter instead
> passing it clear-text) to avoid patented code
>
> That last point is not written directly in the msdn document, but I read
> between the lines this will be the preferred workaround.
>
> Isn't that nicely?
>
> Rainer
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>


Powered by blists - more mailing lists