Dailydave mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Lap Dances for All

From: surreal () delusory org
Date: Thu, 3 Mar 2005 11:47:40 -0700
My media whoring knows no bounds! I studied at the feet of the masters
while at @stake though, so I can't claim all the credit.

http://software.silicon.com/security/0,39024655,39128296,00.htm


I enjoyed the article, but I have a question that wasn't answered:

Does the NDA, or anything other than pride, prevent Microsoft from
joining the VSC and addressing these "tactical nukes" as they're
deployed? If so, it would be magnanimous to offer MS a special license
at a reasonable price ($300K too cheap?) that would allow them to share
the vulnerabilities internally and address them. History suggests that
they wouldn't be particularly quick about fixing anything. If they're
too proud to avail themselves of that opportunity, who could they
blame? When they point their dainty finger and screech "irresponsible
discloser!", point back and call them "stingy bastards".

Personally, I think that the 50 to 100K price tag effectively keeps the
vulnerabilities out of the reach of children. That's responsible enough
for my taste anyway.

***
Rather than post again, I'd also like to state that the _last_ thing
that would help, IMO, would be to encourage the Insurance Industry
Leaches to latch onto the software industry by making vendors liable
for vulnerabilities and damages.

Regards,

Surreal

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
https://lists.immunitysec.com/mailman/listinfo/dailydave
Previous By Date Next
Previous By Thread Next

Current thread: