lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <72daeffd1001201157w4d9cb58bp49413951a101df35@mail.gmail.com>
Date: Wed, 20 Jan 2010 11:57:49 -0800
From: Chris Evans <scarybeasts@...il.com>
To: Dan Kaminsky <dan@...para.com>
Cc: Full-disclosure <full-disclosure@...ts.grok.org.uk>,
	Valdis.Kletnieks@...edu
Subject: Re: Two MSIE 6.0/7.0 NULL pointer crashes

On Wed, Jan 20, 2010 at 10:25 AM, Dan Kaminsky <dan@...para.com> wrote:
> On Wed, Jan 20, 2010 at 7:00 PM,  <Valdis.Kletnieks@...edu> wrote:
>> On Wed, 20 Jan 2010 10:38:34 EST, James Matthews said:
>>
>>> Why doesn't microsoft throw some of it's weight behind Mozilla and ditch IE
>>> forever. It doesn't suit their image.
>>
>> Unfortunately, the PR doesn't work that way.  Do you really want to be buying
>> an entire operating system from somebody who just admitted they can't even
>> produce a workable browser with all their resources?
>>
>> (Note this works differently in the Linux world, where the kernel crew doesn't
>> even pretend to write browsers, and the Firefox crew *just* does browsers, and
>> somebody else *just* does OpenOffice, and distros (for the most part) just worry
>> about integration issues, and everybody only claims to do their little part
>> well)
>
> Seriously.  I mean, just look at Linux, Firefox, and OpenOffice.
> Pristine code, not a single security vulnerability between them :)

Any complicated and evolving piece of software will have security
vulnerabilities all the time.
Maybe comparing and contrasting response to vulnerabilities would be
interesting?


Cheers
Chris

>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ