lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20040319142922.GE290@ngolde.de> From: nion at gmx.net (Nico Golde) Subject: Operating Systems Security, "Microsoft Security, baby steps" Hallo Schmehl, * Schmehl, Paul L <pauls@...allas.edu> [2004-03-19 14:51]: > > Updating any OS is a pain in the ass, but all of them have > > flaws and need to be updated. I find that at least with the > > UNIX-like ones, you can go on the Net and do your updates > > faster than you get rooted. > > This is foolish thinking. Do you really think that, when a patch comes > out, *then* the hackers start working on exploits? The exploits were > being used *long* before the patch comes out. The only thing a patch > gets you is protection against *future* hack attempts against *that* > weakness. and thats quite logic because noone writes a patch before he tested this vulnerability for example with an exploit. if the exploiter releases his exploit on public websites is another question. regards nico -- Nico Golde | nico@...lde.de | 310777820@ICQ | nion@....net http://www.ngolde.de | GnuPG Key: http://www.ngolde.de/gpg/nico_golde.gpg Fingerprint | FF46 E565 5CC1 E2E5 3F69 C739 1D87 E549 7364 7CFF echo "[q]sa[ln0=aln256%Pln256/snlbx]sb729901041524823122snlbxq"|dc -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040319/63f8ec24/attachment.bin
Powered by blists - more mailing lists