lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
From: exibar at thelair.com (Exibar)
Subject: New therad: sasser, costs, support etc alltogether

----- Original Message ----- 
From: "Radule Soskic" <rms@...ekom.yu>
To: <full-disclosure@...ts.netsys.com>
Sent: Friday, May 14, 2004 11:27 AM
Subject: [Full-Disclosure] New therad: sasser, costs, support etc
alltogether


> I can't post this to all the threads that I would like to, so I'm
> opening a new one.
>
> Follow this:
>
> 1. MS is wrongdoing by releasing (and charging for use of) software that
> has bugs in it. Users of such software have losses in time/money by
> trying to keep up with applying pathches, or just by trying to keep the
> uptime high.

MS releases patches for the holes that are found in their software.  No
software is perfect, look at the hole in SASSER itself!!  Would you rather
MS not release patches to save your users the time of applying said patches?
(don't answer that... :-)

>
> 2. Admins are wrongdoing by not applying patches to the systems they
> maintain. There are losses tied to such misspractice, too.

Admins have their choice whether or not to protect their systems.  If they
choose not to, shame on them, they shouldn't be able to whine about how much
money they lost because they didn't patch either.

>
> 3. Worm authors are wrongdoing by writing software that propagate
> through the networks by exploiting all of the above. Again, the losses
> occur in time/money spent to remove the worms from the systems affected.

  Worm authors who release their creations into the wild, are writing
programs whose sole purpose in creation is to infiltrate other people's
computer systems.  sure sounds illegal and immoral to me.

 Exibar


Powered by blists - more mailing lists