lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
From: guninski at guninski.com (Georgi Guninski)
Subject: satire on vendor responses

here is some satire how some vendors may respond to reported security
problems.

completely fictional, any resemblance to real world or real events is just
a halucination.


1.
http://www.microsoft.com
financial empire waiting for the fate of previous empires

automated response "thanks for being a free beta tester!"
the media is told "bug hunters" are irresponsible cyber terrorists.
have enough money and enough brain to shutdown hotmail accounts.
later a patch is produced, in some cases introducing more problems.
visiting malicous web sites is not real exploit scenario.

2.
http://www.openbsd.org
Theo Deraddt, author of only one remote hole in 2^32 years.

imaginary quotes from fabricated email:
---------------------
From: Theo de Raadt 

it is just a crash.

> btw, Ted Unangst <tedu@> seems better than you in PR
> bug handling. have you thought about outsourcing the PR bug handling
> to him?

he is not better at it.  he only works in certain areas.  but i work
all over the place, and can spray an issue out to the revelant people
very often.  i'm always around...
----------------------

----------------------
From: Theo de Raadt <deraadt@....openbsd.org>

and I TOLD you to hold off

and then you didn't.

Look, you release bugs not to help us.  You do it for yourself.

Don't take me for a fool.
---------------------------

// end of fabricated quotes


3. 
http://www.kernel.org
Linus Torvalds, an engineer, some funny quotes on wikiquotes.

Linus: "hmmmm, there might be more ones like this. how did you find it?"

4. 
http://www.mozilla.org
Let there be dragons and foxen

mozilla: "we give cash for security bugs"


-- 
where do you want bill gates to go today?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ