Full Disclosure mailing list archives
Re: Reuters: Microsoft to give holes info to UncleSam first - responsible vendor notification may not be a goodidea any more...
From: "Pavel Kankovsky" <peak () argo troja mff cuni cz>
Date: Sun, 13 Mar 2005 18:10:56 +0100 (CET)
On Sat, 12 Mar 2005, J.A. Terranson wrote:
Critical infrastructure serves us ALL, and must be first on the fix wagon.
There should be no serious vulnerabilities in the "critical infrastructure" in the first place. If the infrastructure is really critical, i.e. its failure would kill people, then every time a serious vulnerability is found, one of the responsible PHBs should be shot. (This is the way they are already doing it in China, isn't it?) Vendors, to be able to demonstrate how serious they are when their PR says their products are absolutely secure, may offer a service to sacrifice one of their own PHBs instead of the client's one. --Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ] "Resistance is futile. Open your source code and prepare for assimilation." _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://www.secunia.com/
Current thread:
- Re: Reuters: Microsoft to give holes info to UncleSam first - responsible vendor notification may not be a goodidea any more... Jason Coombs (Mar 12)
- Re: Reuters: Microsoft to give holes info to UncleSam first - responsible vendor notification may not be a goodidea any more... J.A. Terranson (Mar 12)
- Re: Reuters: Microsoft to give holes info to UncleSam first - responsible vendor notification may not be a goodidea any more... Pavel Kankovsky (Mar 13)
- Re: Reuters: Microsoft to give holes info to UncleSam first - responsible vendor notification may not be a goodidea any more... J.A. Terranson (Mar 12)