| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu Jan 5 12:07:32 2006 From: infosecbofh at gmail.com (InfoSecBOFH) Subject: WMF round-up, updates and de-mystification Listen here Larry... stick to helping bullshit infosec companies use you to pimp their products. I have specific examples but have no reason or motivation to share them with the likes of fuckbag reporters like you. You think that because some so called security company isnt reporting it makes it false? Perhaps they just dont see it or perhaps they see the monitary value in just letting sheep like you write about how good they are in protecting and offering false security. On 1/3/06, Larry Seltzer <larry@...ryseltzer.com> wrote: > >>I have tested and confirmed that this patch only works in specific > scnenarios and does not mitigate the entire issue. Variations still work.I > have tested and confirmed that this patch only works in specific scnenarios > and does not mitigate the entire issue. Variations still work. > > Oh really? Do you have any more information on this or do you just like to > throw bricks? I have a hard time believing you're right, because it would > mean that there are variations of the attack that don't use its fundamental > mechanism. > > All that said, it's clear to me that the rush to adopt this patch is > precipitous. For instance, it's largely unnecessary on Windows 9x, NT, and > 2K, unless you rely on a specifically vulnerable app, like Notes. > > Larry Seltzer > eWEEK.com Security Center Editor > http://security.eweek.com/ > http://blog.ziffdavis.com/seltzer > Contributing Editor, PC Magazine > larryseltzer@...fdavis.com > > >
Powered by blists - more mailing lists