lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <b1f9b5ae0508181112239ad435@mail.gmail.com>
Date: Thu Aug 18 19:13:05 2005
From: perfectirijillo at gmail.com (J u a n)
Subject: Re: MS not telling enough

On 8/18/05, Jason Coombs <jasonc@...ence.org> wrote:
> > So there ya go. I suppose you'll
> > find something new to complain
> > about, or to be rude about.
> 
> Whenever possible, yes.
> 
> It's amazing how much you support Microsoft. Don't you know that it is in the continued support that you give them that they derive their continued opportunities to harm others?
> 
> Of course, the more you and others support Microsoft, the more your expertise grows in value.
> 
> Compare your decision-making and ethics to the decisions made by me and others who, after hard work and sacrifice to gain over a decade worth of training, education, skill and work experience with Microsoft products, grew to understand that it causes harm to the entire world for us to apply that skill in any fashion that helps Microsoft.
> 
> I swore an oath never again to apply my skills in a way that helps Microsoft.
> 
> ... or to help any other organization that knowingly causes harm with reckless disregard for the well-being of others.
> 
> Integrity, competency, and those who prove they are good people must be supported, and anyone who lacks integrity, competency, and has proven they are bad must be opposed.
> 
> To do otherwise demonstrates the same self-serving and wrong thinking that enables Microsoft to con its victims in the first place.
> 
> Glad to see Microsoft give an opinion that more clearly explains that their Windows 2000 product is inherently defective and shouldn't be used if you intend to connect it to a computer network.
> 
> That was the conclusion that I arrived at after performing a forensic review of IIS 5.0 -- you'll find my analysis contained within my book about IIS security:
> 
> http://www.science.org/jcoombs/
> 
> http://www.forensics.org/IIS_Security_and_Programming_Countermeasures.pdf
> 
> Best,
> 
> Jason Coombs
> jasonc@...ence.org
> 
> 
> -----Original Message-----
> From: "Kurt Seifried" <listuser@...fried.org>
> Date: Thu, 18 Aug 2005 11:00:04
> To:<jasonc@...ence.org>
> Subject: MS not telling enough
> 
> They just updated MS05-039.
> 
>  Windows 2000 systems are primarily at risk from this vulnerability. Windows
> 2000 customers who have installed the MS05-039 security update are not
> affected by this vulnerability. If an administrator has disabled anonymous
> connections by changing the default setting of the RestrictAnonymous
> registry key to a value of 2, Windows 2000 systems would not be vulnerable
> remotely from anonymous users. However, because of a large application
> compatibility risk, we do not recommend customers enable this setting in
> production environments without first extensively testing the setting in
> their environment. For more information, search for RestrictAnonymous at the
> Microsoft Help and Support Web site.
> 
> So there ya go. I suppose you'll find something new to complain about, or to
> be rude about.
> 
> -Kurt
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
> 


Ok, I think it's time to filter your email from my inbox.
Don't take it the wrong way, but I don't care about your fights with
some guy named Kurt,
or the stupid forensic dudes or the laws or politics of your country.
All I care about is securiy, if I ever want to discuss other stuff
I'll subscribe to another
list, forum, whatever.
Have a nice day.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ