| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <444FF230.9080103@procyonlabs.com> Date: Wed Apr 26 23:19:19 2006 From: randy at procyonlabs.com (Randal T. Rioux) Subject: MSIE (mshtml.dll) OBJECT tag vulnerability -----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 Tim Bilbro wrote: > You do a disservice to all IT shops by announcing these vulnerabilities > before contacting the vendor. I think lame inaccurate "blogging" causes more harm than research and result dissemination. Seriously - those who think full disclosure is bad should think a little more. Would you be happy if all software were more like the Bush administration? Secrets are the results of corruption. If you write bad/insecure software and charge out the ass for it - you bet I'd want it to work and be as secure as advertised. Randal T. Rioux | Procyon Labs IT Security R&D and Consulting Virtual: www.procyonlabs.com Physical: DC / Baltimore PGP: gpg --keyserver pgp.mit.edu --recv-keys 0xD08D1941 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFET/IvRrGMQdCNGUERAxkfAJ0bE+e3qTHJ+0idC6y0lcMM/xE/OwCfXLOY 9noRONs+WeuuV2UL0BpaWAw= =zeBm -----END PGP SIGNATURE-----
Powered by blists - more mailing lists