lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <AANLkTi=dW0AqgQAymvg6UFbo1KZ0=w4FZbAfNbCbhMT=@mail.gmail.com>
Date: Fri, 4 Mar 2011 13:03:18 -0600
From: Michael Krymson <krymson@...il.com>
To: full-disclosure <Full-Disclosure@...ts.grok.org.uk>
Subject: Re: Python ssl handling could be better...

Thanks! As a note, I didn't entirely mean my last post to be snarky about
viewpoints and "career defenders" or dick measuring or anything. As Marsh
said, it's an interesting place to be when you talk about, "good enough"
security, as opposed to what we'd all love to have. Even two devout security
experts can argue over such things...which may be a fundamental reason
security overall gets exasperated looks from laymen/mgmt....

My end (implied) point was just that there are different viewpoints, both of
which may be defensible to the death, and neither of which may be wrong. I
don't take exception to any of the presented viewpoints except only slightly
to any that say the risk to one is the same as another, when it's not.
Whether both are trivial isn't something I'd wade too deeply into.

I will, however, humorously point out that not seeing anything in black and
white is...sort of black and white... :)

Have a relaxing weekend, and maybe more entertaining discussions will return
with less mentally capable people than those in this thread!

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ