Bugtraq mailing list archives

Re: Wanted: hackers blah blah blah


From: sargent () SGT COM (Robert Sargent)
Date: Sun, 9 Oct 1994 15:30:51 -0400


Alan,

I understand your frustrations...

      I think it's important to remember what seems like obvious security
to people like me and Mark, is viewed as stumbling blocks and workarounds
by the vast majority of SUN's customers.  It seems to me that either SUN
should have developed their Solaris to encompass an in-place secure OS,
and allow it to be downgraded, instead of what is shipped, or not publicly
espouse their inadequacies in security.  

While there is a lot of what Sun does I don't agree with, I happen to agree
whole-heartedly with Sun's policy of informing me of security issues.  
I also feel that there can not be too much exchange of this info.  There
are many "underground communications channels" used by the wily hackers
that indicate the hackers usually are exploiting the various OS features 
[I refer to these as features because in the normal trusted net 
environment they are exactly that] before the rank and file SA's 
are notified.  But at least we are notified.  If Sun didn't shine 
the light on these issues, then who would?  You? ...after *your* 
"intangibles" were left out swinging in the breeze?

Think about it, if not Sun, then who?  There are too many companies
that are outright afraid to let the public know what's wrong.  This
policy creates a false sense of security around their product lines.

Like trailer-court kids, I let my Suns and other workstations run 
loose within the trusted net.  Users appreciate the non-gestapo 
approach to packet flow.  The few Suns that have bastion duty have 
the screws tightened down as tight as I know how.  The trusted net 
nodes far outnumber the few on bastion duty and I'd rather reconfigure 
a few good Suns than unconfigure the masses.

Perhaps I'm verging on the masses' favorite hobby of flaming,...

understatement 

      If they're such a can do company, then why was our order for 6 machines
just pushed back (for the second time) for 45 days?  

I don't know why your order was pushed back, but if it was for the same reason
as I was provided, Uncle Sam's priority orders (fiscal year-end money burn)
pulled a pre-emptive strike.  Flame to your congressman/woman/it.

Regards-
Robert


