lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <5.0.0.25.2.20031216090631.016d0198@pop3.direcway.com>
From: madsaxon at direcway.com (madsaxon)
Subject: A funny  (but real) story for XMAS

At 09:38 AM 12/16/2003 -0500, Jeffrey.Stebelton@...ys.com wrote:
>What
>exactly is supposed to "suck" about the site, I wonder??

I don't know that anyone believes the site itself "sucks."
There are those who have an objection to the fact that
CERT is taxpayer-funded, yet charges a fee for its 'premium'
services; i.e., for earliest notification.  For those of us
who don't pay that fee, CERT advisories most often come along
far too late to do any good. Add to that numerous charges of
conflict of interest and less than sterling competence,
and you can see that CERT is perhaps not the resource they
would like you to believe.

Here's Jericho's rant outlining some of the issues:

http://www.attrition.org/security/rant/z/jericho.007.html

There are myriad others available with a little Googling.

The reason OSVDB isn't well populated yet is that each
vulnerability has to be evaluated and written up afresh
in order to avoid violating any existing DB's copyrights.
That takes time.  If you want to shorten that time, go
volunteer. :-)

m5x

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ