lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20040218214544.GD8545@netpublishing.com>
From: ggilliss at netpublishing.com (Gregory A. Gilliss)
Subject: InfoSec sleuths beware ...

Did I miss the thread or has no one yet postulated that the Microsoft
source code subset was leaked intentionally in order to afford M$ the 
free services of hundreds or thousands of security researchers auditing
their code for them?

It is a known fact that Windows 2000 and XP are soon to be depreciated
in favor of the next generation OS. W2K and WXP will be supported for 
another year or so afterwards. The new component probably will contain
some of the current code set, so why not risk a couple of serious exploits
(like M$ cares) in favor of getting your code certified by the community 
for free?

G

On or about 2004.02.18 13:06:44 +0000, Blue Boar (BlueBoar@...evco.com) said:

> There are clear, admitted cases of reverse engineering by vulnerabiity
> researchers, which are prohibited by EULA, and which MS has so far
> declined to pursue.  Why should this be different?  MS afraid the EULA
> restrictions wouldn't hold up?

-- 
Gregory A. Gilliss, CISSP                              E-mail: greg@...liss.com
Computer Security                             WWW: http://www.gilliss.com/greg/
PGP Key fingerprint 2F 0B 70 AE 5F 8E 71 7A 2D 86 52 BA B7 83 D9 B4 14 0E 8C A3


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ