Open Source and information security mailing list archives
From: phased at mail.ru (phased)
Subject: Reuters: Microsoft to give holes info to
	UncleSam first - responsible vendor notification may not be a
	good idea anymore...

fucked that one up anyway,

I wonder how much the gov are paying MS to do that, also what you say is valid
from your point of view but can the rest of the world trust the USA? No, it
can't. I would refrain from using any software from a manufacturer with this
kind of policy and I certainly would not report any bugs to them.  The US
government is probably more concerned with attacking other governments than
protecting its own infrastructure.  Also how long do you reckon it takes to patch
thousands of government PCs? I am sure the delay before bugs go public from
MS will be even longer now.  The gov isn't going to let them disclose bugs that
they are still vulnerable to.  If Microsoft and the US government are getting
cosy, what is in store for the future? Echelon monitoring systems on every
Windows PC?


-----Original Message-----
From: "J.A. Terranson" <measl@....org>
To: Devdas Bhagat <devdas@....homelinux.org>
Date: Sat, 12 Mar 2005 15:36:28 -0600 (CST)
Subject: Re: [Full-disclosure] Reuters: Microsoft to give holes info to UncleSam first - responsible vendor notification may not be a good idea anymore...

> 
> 
> On Sat, 12 Mar 2005, Devdas Bhagat wrote:
> 
> > > Microsoft, Cisco, Juniper, etc., all have both vested interests and public
> > > policy interests in notifying those who would be most affected first.
> >
> > Which public? Are you a member of the public? Am I?
> 
> The public at large.  You, me, everyone you know is "the public".
> 
> 
> > > This is good public policy as well: if the national infrastructure is
> > > compromised, we are all up shit's creek, if Joe's Corner Store is
> >
> > Which nation? From my PoV, it is the general user who needs to be
> > informed first. A whole bunch of us have more problems with Windows
> > holes even though we do not use Windows, simply because of the traffic
> > volume generated.
> 
> Your "view" is perversely slanted towards serving only your own personal
> interests, without regard for those around you.
> 
> As such, your "view" is worthless, and can be safely discarded.
> 
> 
> -- 
> Yours,
> 
> J.A. Terranson
> sysadmin@....org
> 0xBD4A95BF
> 
> "Quadriplegics think before they write stupid pointless
> shit...because they have to type everything with their noses."
> 
> 	http://www.tshirthell.com/
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://www.secunia.com/
> 
