lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: nekramer at mindtheater.net (Nancy Kramer)
Subject: InfoSec sleuths beware ...

What Gregory says makes a lot of sense.  MS is trying to use free labor to 
improve their competitive advantage.  The good thing about it is that MS 
software will probably be more secure as a result for the endusers and the 
net community as a whole.

Regards,

Nancy Kramer
Webmaster http://www.americandreamcars.com
Free Color Picture Ads for Collector Cars
One of the Ten Best Places To Buy or Sell a Collector Car on the Web



At 04:45 PM 2/18/2004, Gregory A. Gilliss wrote:
>Did I miss the thread or has no one yet postulated that the Microsoft
>source code subset was leaked intentionally in order to afford M$ the
>free services of hundreds or thousands of security researchers auditing
>their code for them?
>
>It is a known fact that Windows 2000 and XP are soon to be depreciated
>in favor of the next generation OS. W2K and WXP will be supported for
>another year or so afterwards. The new component probably will contain
>some of the current code set, so why not risk a couple of serious exploits
>(like M$ cares) in favor of getting your code certified by the community
>for free?
>
>G
>
>On or about 2004.02.18 13:06:44 +0000, Blue Boar (BlueBoar@...evco.com) said:
>
> > There are clear, admitted cases of reverse engineering by vulnerabiity
> > researchers, which are prohibited by EULA, and which MS has so far
> > declined to pursue.  Why should this be different?  MS afraid the EULA
> > restrictions wouldn't hold up?
>
>--
>Gregory A. Gilliss, CISSP                              E-mail: 
>greg@...liss.com
>Computer Security                             WWW: 
>http://www.gilliss.com/greg/
>PGP Key fingerprint 2F 0B 70 AE 5F 8E 71 7A 2D 86 52 BA B7 83 D9 B4 14 0E 
>8C A3
>
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.netsys.com/full-disclosure-charter.html

Powered by blists - more mailing lists