lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20040319142922.GE290@ngolde.de>
From: nion at gmx.net (Nico Golde)
Subject: Operating Systems Security, "Microsoft Security, baby steps"

Hallo Schmehl,

* Schmehl, Paul L <pauls@...allas.edu> [2004-03-19 14:51]:
> > Updating any OS is a pain in the ass, but all of them have 
> > flaws and need to be updated.  I find that at least with the 
> > UNIX-like ones, you can go on the Net and do your updates 
> > faster than you get rooted.
> 
> This is foolish thinking.  Do you really think that, when a patch comes
> out, *then* the hackers start working on exploits?  The exploits were
> being used *long* before the patch comes out.  The only thing a patch
> gets you is protection against *future* hack attempts against *that*
> weakness.

and thats quite logic because noone writes a patch before he tested this
vulnerability for example with an exploit.
if the exploiter releases his exploit on public websites is another
question.
regards nico
-- 
Nico Golde                | nico@...lde.de      | 310777820@ICQ | nion@....net
http://www.ngolde.de      | GnuPG Key: http://www.ngolde.de/gpg/nico_golde.gpg
Fingerprint               | FF46 E565 5CC1 E2E5 3F69  C739 1D87 E549 7364 7CFF 
echo             "[q]sa[ln0=aln256%Pln256/snlbx]sb729901041524823122snlbxq"|dc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040319/63f8ec24/attachment.bin

Powered by blists - more mailing lists