Full Disclosure mailing list archives
Re: Netscape Problems.
From: zen-parse <zen-parse () gmx net>
Date: Wed, 27 Nov 2002 12:22:59 +1300 (NZDT)
On Tue, 26 Nov 2002, Georgi Guninski wrote:
zen-parse wrote:In case people haven't noticed yet, Open Source is not more secure.I disagree with this conclusion. Can you please give more details how you concluded this based on your post. In no particular order, here are some thoughts. 1. You mention several mozilla bugs, most (all?) of which are fixed. Are you aware of the amount of internet exploder bugs?
Not precisely, but one bug is all it takes to make a product insecure.
2. I can understand you are angry at Netscape, but please don't mix corporate emotions with open source. From personal experience, several years ago, I managed to cash all of the *reproducible exploits* bounty claims against netscape products. Are you sure your claims are *reproducible exploits*?
Yes. Details have been supplied for all of them, when asked by netscape. If no further information was requested, I assumed it was reproducable.
3. From the email headers of your post, I am inclined to think that you are using *open source* email client and smtp server - probably linux. Am I wrong? If not, why have you chosen open source email solution and not windoze, e.g.?
Yes. I am. I also use Windows XP. I originally used linux because of a hacker wargame, and now I use it because I like it. It only takes one bug though to make an insecure product.
4. How can one be sure there are no bugs in closed source involving magic numbers like 536870912 (from your post)? Can one tell if closed source is not backdoored? Do you trust m$'s tru$tworthy computing so much? Do you use it at all?
Would be nice, but nope I can't see hidden features. Nope. No idea what features most of them have. Not really, but I use it. (Never attribute to malice what can readily be attributed to stupidity.) -- zen-parse -- ------------------------------------------------------------------------- 1) If this message was posted to a public forum by zen-parse () gmx net, it may be redistributed without modification. 2) In any other case the contents of this message is confidential and not to be distributed in any form without express permission from the author. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Netscape Problems. zen-parse (Nov 25)
- Re: Netscape Problems. Dave Aitel (Nov 26)
- Re: Netscape Problems. zen-parse (Nov 26)
- Re: Netscape Problems. Georgi Guninski (Nov 26)
- Re: Netscape Problems. zen-parse (Nov 26)
- Re: Netscape Problems. Georgi Guninski (Nov 26)
- <Possible follow-ups>
- RE: Netscape Problems. Schmehl, Paul L (Nov 26)
- Re: Netscape Problems. Steven M. Christey (Nov 27)
- RE: Netscape Problems. Schmehl, Paul L (Nov 27)
- Re: Netscape Problems. Dave Aitel (Nov 26)