lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: raju at linux-delhi.org (Raj Mathur)
Subject: Reuters: Microsoft to give holes info to Uncle
	Sam first - responsible vendor notification may not be a good idea any
	more...

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

>>>>> "JAT" == J A Terranson <J.A.> writes:

    JAT> This "story" really just reflects what has been going on in
    JAT> the real world for some time now.

    JAT> Microsoft, Cisco, Juniper, etc., all have both vested
    JAT> interests and public policy interests in notifying those who
    JAT> would be most affected first.  This is good public policy as
    JAT> well: if the national infrastructure is compromised, we are
    JAT> all up shit's creek, if Joe's Corner Store is compromised,
    JAT> only Joe and possibly Joe's small geographic user base is
    JAT> hosed.

    JAT> Decrying this shows you have not thought the problem through
    JAT> Tamas.

What you're saying would make sense if the US were the only country in
the world that uses MS products.  I know this may come as a surprise
to many people, but there are other places and Governments in the
world too, and they too use MS!

It shows complete irresponsibility on MS' part to favour one
Government over all others in disclosure and bug-fix policy.  IMNSHO
one more reason for the rest of the world to switch to non-proprietary
products and solutions.

Regards,

- -- Raju
- -- 
Raj Mathur                raju@...dalaya.org      http://kandalaya.org/
       GPG: 78D4 FC67 367F 40E2 0DD5  0FEF C968 D0EF CC68 D17F
                      It is the mind that moves
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Processed by Mailcrypt 3.5.8 <http://mailcrypt.sourceforge.net/>

iD8DBQFCMzCeyWjQ78xo0X8RAs6cAJ46ZjzQvyyHCF7qaBcLLIMLuTH/QgCfcISj
VJFr5kuEyLmVnw3/A1PWwIg=
=9Ohw
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ