lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <Pine.LNX.4.63.0510040823380.13056@forced.attrition.org>
Date: Tue Oct  4 13:23:49 2005
From: jericho at attrition.org (security curmudgeon)
Subject: Bigger burger roll needed


: I don't appreciate you changing caps in my name.  I'm not 'spin'ing 
: anything - I addressed a specific question with an honest real-world 
: answer.  I did not include propaganda nor did I denounce any alternate 
: products.  There's no need to be a disrespectful ass.

A decade of close exposure to Windows boxen has destroyed your sense of 
humor. =( Hope you aren't sterile too.

: Absolutely, Win95 was a pain in the ass So was 98 and Me.  But I 
: disagree with the sentiment that it was solely due to MS code. Without 
: getting into specifics that no longer matter, surely they could have did 
: their part better to handle malformed input - but who was malform'ing 
: the input in the first place?

By this reasoning, we can blame all the hax0rs and security professionals 
for SQL injection, cross-site scripting, file inclusion, path disclosure, 
overflows and format string vulnerabilities too, right? Because hey, 
*they* provided the malformed input to the application in the first place!

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ