lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <Pine.GSO.4.43.0312191104520.21720-100000@tundra.winternet.com>
From: dufresne at winternet.com (Ron DuFresne)
Subject: atrticle in:  Security Wire Perspectives, Vol. 5, NO. 93, December
 19, 2003

Was Shawna McAlearney's assessment of Liu Die Yu's recent findings in M$
products correct in stating his inticement was:

<quote>
Several weeks ago Chinese researcher Liu Die Yu posted several
Internet Explorer flaws to the Full-Disclosure security mailing list.
His reasoning: Microsoft hasn't given him credit for prior
vulnerabilities he reported.
</quote>

Was this correct?  I do not have all the original posts on hand, but, I
do not recall any lament about M$ not giving him the recognition
he felt was deserved for previous findings, though I may well have missed
this.  The reason I ask is, there has been a large shift in the security
"lists/field/top dogs" in trying to avoid casting blame/responsibility at
M$ for the products it has pushed into the market place, perhaps due to the
deep pockets and breadth of market saturation, thus dependance of many
upon the M$ pocketbook to feed the rest of the industry in one fashion or
another.  The critical  articles of a year+ past seem to now, especially
after the @stake recent actions, to be focused these days upon
avoiding mentioning the shortcomings from redmond.  Are others reading the
same these days?

Thanks,


Ron DuFresne
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
	***testing, only testing, and damn good at it too!***

OK, so you're a Ph.D.  Just don't touch anything.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ