lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <992422580-1229877413-cardhu_decombobulator_blackberry.rim.net-343025101-@bxe097.bisx.produk.on.blackberry>
Date: Sun, 21 Dec 2008 16:36:37 +0000
From: kevin.fielder@...il.com
To: "n3td3v" <xploitable@...il.com>, nick@...us-l.demon.co.uk,
	full-disclosure@...ts.grok.org.uk, "n3td3v" <n3td3v@...glegroups.com>
Subject: Re: Microsoft issues out-of-band patch

Hi

I'm not interested in getting into flaming or some personal argument, but how do you actually know this?

I'm sure we all have ideas about how advanced the various security agencies are, but that is conjecture not factual statement. 

Cheers

K

Sent from my BlackBerry® wireless device

-----Original Message-----
From: n3td3v <xploitable@...il.com>

Date: Sun, 21 Dec 2008 14:22:13 
To: <nick@...us-l.demon.co.uk>; <full-disclosure@...ts.grok.org.uk>; n3td3v<n3td3v@...glegroups.com>
Subject: Re: [Full-disclosure] Microsoft issues out-of-band patch


On Sun, Dec 21, 2008 at 1:00 PM, Nick FitzGerald
<nick@...us-l.demon.co.uk> wrote:
> n3td3v wrote:
>
> <<snip>>
>> What i'm saying is this: MI5's systems are patched against flaws that
>> only they know about and their technicians have developed their own
>> in-house patches for them.
>>
>> If that isn't impressive I don't know what is.
>
> Didn't you rail against the ZERT efforts when 0-days were being widely
> used in the wild and MS was doing "nothing much" abou them?
>
> Oh, sorry, I forgot which publicity whore I was talking to...
>
>
> Regards,
>
> Nick FitzGerald
>

Yes, i'm against *publicly available* third party patches of any kind
and always have been.

Best wishes,

Andrew

http://twitter.com/n3td3v

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ