Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Microsoft Cries Wolf ( again )

From: <andrewg () d2 net au>
Date: Thu, 3 Jul 2003 10:29:27 +1000 (EST)
About a year ago, I tripped over this issue. (I have since found out
it is a known bug - see http://www.sitepoint.com/print/1029). In an
effort to help MS, I spent hours of company time registering to
various bug reporting services on MS sites - and never found one that
would accept my bug report because IE is not a paid product. Not that
I wanted any support - I only wanted to help them out.


How many semi serious issues exist where people just never bother to
disclose them to the public and where the vendor decides to ignore the
notification?


[snip]

I told MS about this back on 0ct 10 2002 and even sent them exploit
code, never even got a response, not even a "sorry we don't consider it
a threat" note.

[snip

In some cases, people are threatened with lawsuits by companies, which is a
great way of getting people on your side, and making friends. (sarcasm, by
the way.)

Vendors/Companies bring it upon themselves 99.9% of the time the way people
act towards them. There are several companies I have no intention of ever
talking to again.

- andrewg


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: