| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20050313171056.24096.qmail@paddy.troja.mff.cuni.cz> From: peak at argo.troja.mff.cuni.cz (Pavel Kankovsky) Subject: Reuters: Microsoft to give holes info to UncleSam first - responsible vendor notification may not be a goodidea any more... On Sat, 12 Mar 2005, J.A. Terranson wrote: > Critical infrastructure serves us ALL, and must be first on the fix wagon. There should be no serious vulnerabilities in the "critical infrastructure" in the first place. If the infrastructure is really critical, i.e. its failure would kill people, then every time a serious vulnerability is found, one of the responsible PHBs should be shot. (This is the way they are already doing it in China, isn't it?) Vendors, to be able to demonstrate how serious they are when their PR says their products are absolutely secure, may offer a service to sacrifice one of their own PHBs instead of the client's one. --Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ] "Resistance is futile. Open your source code and prepare for assimilation."
Powered by blists - more mailing lists