Full Disclosure mailing list archives
Re: MSIE src&name property disclosure
From: Michal Zalewski <lcamtuf () coredump cx>
Date: Mon, 8 Nov 2004 21:37:55 +0100 (CET)
On Mon, 8 Nov 2004, Paul Schmehl wrote: [ Moderators - feel free to kill this ]
Never attribute to malice what can be explained by incompetence. Most likely what happened is the left hand (PR) didn't know what the right hand (secure@) was doing.
Highly unlikely; Microsoft Security Response is a team that, among other
things, manages and handles security response, including security-related
PR-esque functions (ever seen 'security evangelist' job postings on the
net?). The quote is fairly specific, so I doubt it could be spawned by a
lone PR drone who did not check with them.
--
------------------------- bash$ :(){ :|:&};: --
Michal Zalewski * [http://lcamtuf.coredump.cx]
Did you know that clones never use mirrors?
--------------------------- 2004-11-08 21:35 --
http://lcamtuf.coredump.cx/photo/current/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- CyberGuard and their desired retraction (was Re:MSIE src&name property disclosure), (continued)
- CyberGuard and their desired retraction (was Re:MSIE src&name property disclosure) security curmudgeon (Nov 11)
- Re: MSIE src&name property disclosure Michal Zalewski (Nov 08)
- Re: MSIE src&name property disclosure Dave Aitel (Nov 08)
- Re: MSIE src&name property disclosure Gadi Evron (Nov 08)
- RE: MSIE src&name property disclosure joe (Nov 15)
- Re: MSIE src&name property disclosure Dave Aitel (Nov 15)
- RE: MSIE src&name property disclosure joe (Nov 15)
- Re: MSIE src&name property disclosure Dave Aitel (Nov 15)
- Re: MSIE src&name property disclosure Micheal Espinola Jr (Nov 15)
- Re: MSIE src&name property disclosure Dave Aitel (Nov 08)
- Re: MSIE src&name property disclosure Michal Zalewski (Nov 08)
- Re: MSIE src&name property disclosure Georgi Guninski (Nov 08)