lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri Sep  9 21:44:31 2005
From: larry at larryseltzer.com (Larry Seltzer)
Subject: Mozilla Firefox "Host:" Buffer Overflow

>>> Whatever. My point was that he treated the two situations differently.
Why?

>Do you believe in Conspiracy Theories?  Do you believe that certain media
people, 
>and indeed, many others get a certain Large Software Company's money for
doing things for them?
>Well, MSFT is going to issue a critical patch next Tuesday.  Maybe this is
a shiny object, 
>intended to divert some media pressure away from an MSFT design botch. 

Allright, maybe I haven't listened to enough Air America lately, so help me
out with how this conspiracy works. Are you saying that Tom Ferris is a
Microsoft stooge and the fact that he only announced a critical IE
vulnerability without providing details or a POC, whereas he provided both
for a critical vulnerability in Firefox, was done because Microsoft paid him
to do so? Because that seems to be the essence of what you're implying.

Larry Seltzer
eWEEK.com Security Center Editor
http://security.eweek.com/
http://blog.ziffdavis.com/seltzer
Contributing Editor, PC Magazine
larryseltzer@...fdavis.com 


Powered by blists - more mailing lists