Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Re: Extreme Hacking

From: "MI DC" <midc () canoemail com>
Date: Sat, 10 Jul 1999 00:58:29 -0800
vanja () siamrelay com wrote:

At 12:49 AM 7/6/99 -0500, Craig H. Rowland wrote:

The recent disclosure of the eEye IIS 4 hole is a perfect example of
litigation waiting to happen against a security company. There are plenty
of details there that show the security company acted irresponsibly
(didn't wait for patch, released full working code, encouraged it's use by
developing variants, etc.). Personally, if my website was attacked using
their code I'd sue their pants off, but that's just me. 


You would sue eEye, and ... you would kiss Microsoft, I presume?! Because
eEye is a 'bad boy', Microsoft must be the good one?

Microsoft gave you the bomb, and eEye explained how to activate it. Is it
the fault of Microsoft to give you the bomb, or eEye to explain how to
activate?

Go figure... I know the answer for myself. That's why I don't use IIS...

Vanja


This week a child care center demonstrated to the media how a small piece from a child's bottle can come loose and be 
swallowed by a child while drinking.  No one would think of suing the child care center for publicizing how to kill a 
child.  No one will excuse the manufacturer for taking a week to recall a product that can kill a child.  Change 
scenarios and some are ready to excuse the vendor of a faulty product and sue the party that brought the fault to our 
attention.

Don't go off on a rant about how a faulty web server is not the same as a children's product that is unsafe for 
children.  Think of all the roles in which unsuspecting organizations may have deployed a faulty web server which 
contains information that can destroy lives.  Think of all the mission critical roles in which nt may have been 
deployed where some admin came along and carelessly enabled the web server for some temporary use, then never disabled 
it.  Or does an admin never enable a web server on an nt firewall or proxy server? :-)

midc

___________________________________________________________________
Sign up today for your Free E-mail at http://www.canoe.ca/CanoeMail
Previous By Date Next
Previous By Thread Next

Current thread: