lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <EKECJMGPAACGOMIGLJJDCEAAEAAA.geoincidents@getinfo.org>
From: geoincidents at getinfo.org (Geo.)
Subject: Re: Second critical mremap() bug found in all Linux kernels

>>At the risk of another dodgy car analogy, would it be OK to drive down the
pavement/sidewalk and run over anyone who doesn't get out of the way quick
enough? That's a form of Natural Selection, is it not? Which is why people
don't really believe in evolution. <<

You can be fined for j-walking, can you be fined for not patching? This is
what I'm getting at, currently there are no motivating factors to cause
people to patch except the threat of being exploited.

Suggest something we as the security community can do besides releasing
shutdown type tools to provide the necessary motivation to get these
machines patched and I'm all ears. Doing nothing is not an option imo and
lacking the existance of virus/worms/script kiddies would result in an even
more dangerous situation.

Geo.


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ