Re: M$ puts bounty out for Blaster and Sobig culprits

[Patrick Dolan <dolan () cc admin unt edu>]

Should we do the same for the engineers who wrote Sendmail, Apache, OpenSSH, 
etc, etc.?

I enjoy a little MS bashing as much as the next guy but everybody makes 
mistakes.  The problem is with MS attitude towards efficient/effective 
patching as well as users who don't know jack about security.

The average *nix user tends to be much more technically proficient in OS 
managment because usually you have to be.

On Wednesday 05 November 2003 10:05 am, Eric Bowser wrote:
> What about a bounty for the original engineer who wrote the flawed OS
> components?
>
> On Wed, 2003-11-05 at 10:02, Vic Vandal wrote:
> > M$ is offering $250K for info leading to the arrest of those
> > who released Blaster and/or Sobig.  See the details here:
> > http://news.com.com/2100-7355_3-5102110.html?tag=nefd_top
> >
> > One outcome of this will be severely limiting bragging about
> > pulling off such sploits.
> > And one would think those actually guilty should be real busy
> > right now erasing any/all evidence (that they didn't take care
> > of long ago).
> >
> > Maybe M$ should put out a bounty for reporting bugs in their
> > crappy software without going public instead.  That might be
> > more effective.
> >
> > Peace,
> > Vic
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.netsys.com/full-disclosure-charter.html

-- 
Patrick Dolan
UNT Computing and Information Technology Center

PGP ID: E5571154
Primary key fingerprint: 5681 25E4 6BE6 298E 9CF0  6F8D B13B 2456 E557 1154

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html