lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <200311051114.39243.dolan@cc.admin.unt.edu>
From: dolan at cc.admin.unt.edu (Patrick Dolan)
Subject: M$ puts bounty out for Blaster and Sobig culprits

Should we do the same for the engineers who wrote Sendmail, Apache, OpenSSH, 
etc, etc.?

I enjoy a little MS bashing as much as the next guy but everybody makes 
mistakes.  The problem is with MS attitude towards efficient/effective 
patching as well as users who don't know jack about security.

The average *nix user tends to be much more technically proficient in OS 
managment because usually you have to be.

On Wednesday 05 November 2003 10:05 am, Eric Bowser wrote:
> What about a bounty for the original engineer who wrote the flawed OS
> components?
>
> On Wed, 2003-11-05 at 10:02, Vic Vandal wrote:
> > M$ is offering $250K for info leading to the arrest of those
> > who released Blaster and/or Sobig.  See the details here:
> > http://news.com.com/2100-7355_3-5102110.html?tag=nefd_top
> >
> > One outcome of this will be severely limiting bragging about
> > pulling off such sploits.
> > And one would think those actually guilty should be real busy
> > right now erasing any/all evidence (that they didn't take care
> > of long ago).
> >
> > Maybe M$ should put out a bounty for reporting bugs in their
> > crappy software without going public instead.  That might be
> > more effective.
> >
> > Peace,
> > Vic
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.netsys.com/full-disclosure-charter.html

-- 
Patrick Dolan
UNT Computing and Information Technology Center

PGP ID: E5571154
Primary key fingerprint: 5681 25E4 6BE6 298E 9CF0  6F8D B13B 2456 E557 1154

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ