lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <9E5A9B24-719D-4025-ADE7-5FB039C56150@gmail.com>
Date: Thu, 28 Apr 2011 19:30:11 -0700
From: bk <chort0@...il.com>
To: Cal Leeming <cal@...whisper.co.uk>,
	Full Disclosure <full-disclosure@...ts.grok.org.uk>
Cc: Tõnu Samuel <tonu@....ee>
Subject: Re: Barracuda backdoor


> On Fri, Apr 29, 2011 at 3:17 AM, bk <chort0@...il.com> wrote:
> On Apr 28, 2011, at 3:09 AM, Tõnu Samuel wrote:
> 
> > One day their Barracuda product stopped working.
> >
> > After investigating problem it came out that Barracuda reseller and
> > Barracuda itself have some misunderstandings and because of this
> > Barracuda not only disabled all kind of subscription services
> 
> You're unsubstantiated claims don't bare repeating.  I will however point out that many vendors disable some portion of functionality when subscription or support payments lapse.  This is widely done in the industry and a surprise to no one.
> 
> --
> chort
> _______________________________________________

On Apr 28, 2011, at 7:20 PM, Cal Leeming wrote:

> Name ten.

For starters, every anti-spam company ever.  I should know, I've worked for half of them.  At the very least you cannot get upgrades or patches of any kind.  Most of them disable anti-spam updates, all of them disable anti-virus updates, and some even disable anti-spam scanning entirely.  The anti-spam SaaS vendors I know of will disable accepting your mail after a grace period if you haven't moved your MX records.

Hmm, let's see.  Firewall vendors won't let you apply updates, some of them cripple VPN functionality when your license has expired... really, do we need to go on?  There's a long precedent for products going into a degraded mode if your subscription or license expires.

--
chort



Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ