lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <8C70DBDB6EAB53B-B74-1CB91@mblk-d27.sysops.aol.com>
Date: Tue Apr 12 22:28:48 2005
From: mcbain at aol.com (mcbain@....com)
Subject: How to Report a Security
	VulnerabilitytoMicrosoft

I dont believe even with a staff of 100k people that one could come up with a conceivable testing environment for every possible network setup in this world, could you?
 
And yes making the disclosure private does earn Billgates more money.  But thats not WHY they want it private and honestly , putting your billg flaming aside (lol) , you know thats the truth.  0day and worms which is the alternative, terrorist activity is not what they want.
 
Mike
www.michaelevanchik.com
 
 
 
-----Original Message-----
From: Georgi Guninski <guninski@...inski.com>
To: mcbain@....com
Cc: full-disclosure@...ts.grok.org.uk
Sent: Wed, 13 Apr 2005 00:14:17 +0300
Subject: Re: [Full-disclosure] How to Report a Security VulnerabilitytoMicrosoft


On Tue, Apr 12, 2005 at 05:00:46PM -0400, mcbain@....com wrote:
>  
> The reason for this (from redmond) is they cannot break computers that are out 
there. There tolerance has to be even below one percent ,and even that is too 
much and finally conceded with them on their points.  Also, they do not "patch" 
they find the root of the problem which adds more time.  So you should be seeing 
less workarounds of microsoft patches. 
>

they are breaking computers out there all the time.

so they know their code is a mess, but want the 0day to be private to them
for 5 months so they can profit more. a nice plan.

i thought bill's trusthy computing intiative cured the "root of the
problem" or not? the m$ whores patching holes for several billions worth and
*more* exploits left?

-- 
where do you want bill gates to go today?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20050412/ccb79817/attachment.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ