| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: clocke at stratitec.com (Chris Locke) Subject: New therad: sasser, costs, support etc alltogether I agree highly with point's 2 and 3 but not so much with point 1. If MS is wrong by releasing buggy software then so is Sun, Ibm, Cisco, Every Linux vendor....hell anybody who has ever written a piece of software. Now I am not trying to flame, and I am not a MS fan at all but lataly I have been getting sick of all the finger pointing being done to them. Did everybody flame Linus over all the Linux kernel vulnerabilities over the last few months? fuck no... Everybody has there opinions on each of the os's and I respect all of you, but let's be reasonable about it. MS patched the vulnerability before it was exploited. What the fuck else do we want? Bill Gates to personally fly out and patch our systems for us? Sorry for the rant guys... Chris Locke http://stageofbattle.org On Fri, 2004-05-14 at 10:27, Radule Soskic wrote: > I can't post this to all the threads that I would like to, so I'm > opening a new one. > > Follow this: > > 1. MS is wrongdoing by releasing (and charging for use of) software that > has bugs in it. Users of such software have losses in time/money by > trying to keep up with applying pathches, or just by trying to keep the > uptime high. > > 2. Admins are wrongdoing by not applying patches to the systems they > maintain. There are losses tied to such misspractice, too. > > 3. Worm authors are wrongdoing by writing software that propagate > through the networks by exploiting all of the above. Again, the losses > occur in time/money spent to remove the worms from the systems affected. > > It is obvious that almost every legal system in the world treats #3 as > crime, while #2 and #1 are broadly tolerated. Noone here is against the > book of law, but it just seems to be in contrast to the natural and > intuitive feeling of justice that majority of people might have > regarding the issues like these. See - only one of the three wrongdoers > is being punished. > > Is it right? Or - is it wrong? > > BTW, I have a funny feeling that damages/losses caused by #3 might very > often be far less than the ones caused by #2 and #1. > > Am I alone? > > cikasole > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists