Full Disclosure mailing list archives
Re: PivX is full of crap rant (was : Predictions Confirmed, Qwik-Fix Protected )
From: Jelmer <jkuperus () planet nl>
Date: Fri, 26 Mar 2004 03:37:32 +0100
You shouldn't take them seriously PivX is full of crap, allways has been allways will be One thing you've got to understand about them is that they are a media company, their busnessmodel is build around getting as many media as possible to portrait them as experts. And they're doing a damn fine job at it. One of the best ways to get coverage is claiming you predicted that something would happen ages ago. It makes for great quotes But unfortunatly PivX isn't a security company it merely plays the part of one and unfortunatly in order to play this part they often resolve to complete lies, half truths, and unfounded theories.. how about their claims on http://www.net-security.org/dl/articles/Qwik-Fix_Pro_WhitePaper.pdf -- snip -- -Located 100's of Critical Vulnerabilities in Internet Explorer and Windows as well as in Outlook, AIM, ISS, Apache, SQL and ISA Server -Located root vulnerabilities in Apache Server -- snip -- Located?? I guess that's something else than discovered, but I don't think the casual user would tell the difference, and they are *counting* on that. The list goes on.. explaining why we should think they are creditable All this is just covering up the fact that pivx is entirely unaccomplished and there sole source of credibility comes from other people calling or asuming they are credible, even their most public spokesperson Thor larholm only found some 3 or 4 in my humble oppinion rather insignificant and unimaginative flaw's in IE. (I am not saying he's an idiot in any way but still , oh and when was the last time you needed someone skilled exclusivly in browser vulnerabilties?) Luigi Auriemma has as of lately become quite accomplished but he no longer works for them since they fired him after he tried to "extort" gamespy under the banner of pixv. They people doing the secure coding seminars who are somewhat credible aren't pivx employees ----- Original Message ----- From: "Alerta Redsegura" <alerta () redsegura com> To: "Thor Larholm" <thor () pivx com>; "Full-Disclosure" <full-disclosure () lists netsys com> Sent: Thursday, March 25, 2004 8:56 PM Subject: [Full-disclosure] RE: [Unpatched] PivX Predictions Confirmed, Qwik-Fix Protected
The following is an excerpt from a PivX statement which is worth quoting: --- "PivX Predictions Confirmed, Qwik-Fix Protected Over the course of the last 2 years, PivX Solutions has warned the
security
industry and the public about the possibility of automatically executing email worms. This week, we have seen the launch of the first such
successful
mass-emailing worm, namely Bagle.Q and its variants. These worms differ from ordinary email borne viruses in that they require
no
user interaction such as opening an email attachment. Instead, they automatically infect a user's machine the instant the email is displayed." --- Bagle.Q the "first successful mass-emailing worm" able to auto-execute
when
previewed or read???? What about Nimda, Bugbear, Klez and all the saga of auto-executing email worms that started back in 2001? I must be missing something... IƱigo Koch Red Segura _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: [Unpatched] PivX Predictions Confirmed, Qwik-Fix Protected Alerta Redsegura (Mar 25)
- Re: RE: [Unpatched] PivX Predictions Confirmed, Qwik-Fix Protected Nick FitzGerald (Mar 25)
- RE: [Unpatched] PivX Predictions Confirmed, Qwik-Fix Protected Alerta Redsegura (Mar 25)
- Re: PivX is full of crap rant (was : Predictions Confirmed, Qwik-Fix Protected ) Jelmer (Mar 25)
- Re: RE: [Unpatched] PivX Predictions Confirmed, Qwik-Fix Protected Nick FitzGerald (Mar 25)