Full Disclosure mailing list archives
Re: Security Hole Found In Dave's Sock
From: John Smith <vun.list () gmail com>
Date: Thu, 08 Sep 2005 13:27:46 -0400
Can we all shut up now? I know most of you are bored, please try to find something else to occupy yourselves with. I did not sign up to this list for childish banter (even though that is what I get most of the time, this is far exceeding the normal limit).
Raj Mathur wrote:
"Ted" == Ted Frederick <tfrederick () ascentek com> writes:Ted> Dear list, I know that this list is not meant for personal Ted> promotion but I think I would be remiss if I did not mention Ted> that my company has recently released an upgrade to our Ted> initial offering of Shoe 1.0. The upgrade to Shoe 2.0 Ted> includes a firewall/anti-virus product previously known as Ted> Sock 3.4563.v54. Ted> The upgrade cost is $19.99. There is also a required software Ted> assurance subscription of $325.79 monthly. Ted> If all goes well with the new product I suspect that we will Ted> be purchased by a major software vendor before year end thus Ted> making updates available on the first Tuesday of every month Ted> to protect against further holes. These updates will have Ted> vague names with no indication of what they actually fix Ted> which should relieve you of sparing any thought to what risks Ted> you may have been exposed to prior to the patch. Ted> Yes, we have in fact thought of everything so you don't have Ted> to. I'm afraid you have fallen into the common trap of suggesting a hardwear solution for what is essentially a softwear problem. I'd have been much happier to see the softwear vendors acknowledge this vulnerability (it's endemic, not specific to one vendor) and offer upgrades to their softwear on a regular basis. I'm making a compilation of socks v5.0 softwear available in the market and subjecting them to stress testing; the testing includes running 2KM after subjecting the softwear to dipping in Sewer 0.2, having /bin/cat /bin/sleep on them for 2 days, and a cron job to periodically transfer them to and from a Windows system. The results of this testing will be available for a nominal fee(*). I also suspect that by the end of the testing the softwear will have metamorphosed into those elusive WMDs that have been, uh, eluding us for so long. (*) Standard nominal fee is half your kingdom and your daughter's hand in marriage). Regards, -- Raju
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- RE: Security Hole Found In Dave's Sock MacDougall, Shane (Sep 08)
- <Possible follow-ups>
- RE: Security Hole Found In Dave's Sock Ted Frederick (Sep 08)
- RE: Security Hole Found In Dave's Sock y0himba (Sep 08)
- Re: Security Hole Found In Dave's Sock miah (Sep 08)
- RE: Security Hole Found In Dave's Sock y0himba (Sep 08)
- Re: Security Hole Found In Dave's Sock Andre Ludwig (Sep 08)
- RE: Security Hole Found In Dave's Sock y0himba (Sep 08)
- RE: Security Hole Found In Dave's Sock Raj Mathur (Sep 08)
- Re: Security Hole Found In Dave's Sock John Smith (Sep 08)
- RE: Security Hole Found In Dave's Sock Grant Rietze (Sep 08)