Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Hotmail & Passport (.NET Accounts)

From: "adf--at--Code511.com" <adf () code511 com>
Date: Fri, 09 May 2003 19:06:08 +0200
Is it me or ms never credit vulnerabilities according to
http://www.microsoft.com/security/passport_issue.asp  "a report was
published detailing a security vulnerability(...)"? No more details or
credit.


And they should because...?  If you ask me, doing this for "fame and
fortune" is really against what i would call traditional hacker ethic.

That was just a simple question. AFAIK they DO for some vunerabilities: do
you remember IIS issue (MS99-047) discovered by eeye years ago? Well the
Acknowledgments display credit. Same for most of the latest security bultins
as displayed http://www.microsoft.com/technet/security/: MS03-015 etc...

The question is not fame or whatever you call it, just a question about
selective Acknowledgments from ms.

My 2 cents,

Deepquest
"Ubi solitudinem faciunt, pacem appelant"

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: