funsec mailing list archives
Re[6]: www.hexblog.com down?
From: Pierre Vandevenne <pierre () datarescue com>
Date: Thu, 5 Jan 2006 01:24:17 +0100
Good Day, Thursday, January 5, 2006, 1:00:26 AM, you wrote: SD> bad stuff DOES happen and therefor you MUST do something. But too often Well, it IS currently happening. Not as much as some say, but more than the minimal estimate. SD> Guilfanov's product should consider it for their organizations. Just SD> because its free doesn't make it any worse (or better) than other security SD> products you can buy. Did I say that in any way? But I can tell you one thing: if Ilfak had attempted to make money with this fix, he wouldn't have a job here anymore. But knowing Ilfak, the point is moot... SD> That's different than saying use it or else something bad might happen. Did I say that in any way? I said that, based on my best information and knowledge, I felt that my company, DataRescue was at risk and I did not like it. Do you disagree with my assessment on a detailed technical basis, or are you just expressing an opinion? You may think I am totally wrong here, but given the fact that my company produces what is probably the most widely used malware analysis tool available, I have the weakness to believe I can make a somewhat informed choice in that matter. And I am not making that choice for you, just for me. The cost for a fix that suited my need was minimal (my programmer's time). I believe, but that is just an opinion, that many organizations have the programming resources to tackle similar problems in-house and that they might want to consider that option for themselves. A few years ago, I wrote this, http://www.datarescue.com/life/palmtrojan.htm in the midst of the first "Palm virus" media hysteria, because I believed the palm trojan risk was close to zero. In that case, given the best knowledge that was available to me at the time, I decided NOT to do anything. Exercising my freedom to assess a situation. My assessment of the current risk here was different. -- Best regards, Pierre mailto:pierre () datarescue com _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: Re[2]: www.hexblog.com down?, (continued)
- Re: Re[2]: www.hexblog.com down? Rob, grandpa of Ryan, Trevor, Devon & Hannah (Jan 03)
- Re[4]: www.hexblog.com down? Pierre Vandevenne (Jan 03)
- Re: Re[2]: www.hexblog.com down? nodialtone (Jan 03)
- Re[3]: www.hexblog.com down? Pierre Vandevenne (Jan 03)
- Re[4]: www.hexblog.com down? Pierre Vandevenne (Jan 03)
- Re[3]: www.hexblog.com down? Sean Donelan (Jan 04)
- Re[4]: www.hexblog.com down? Pierre Vandevenne (Jan 04)
- Re[4]: www.hexblog.com down? Sean Donelan (Jan 04)
- Re[5]: www.hexblog.com down? Pierre Vandevenne (Jan 04)
- Re[5]: www.hexblog.com down? Sean Donelan (Jan 04)
- Re[6]: www.hexblog.com down? Pierre Vandevenne (Jan 04)
- Re: www.hexblog.com down? Gadi Evron (Jan 03)
- Re[2]: www.hexblog.com down? Pierre Vandevenne (Jan 03)
- Re: www.hexblog.com down? nodialtone (Jan 03)
- RE: www.hexblog.com down? Gary Funck (Jan 03)
- RE: www.hexblog.com down? Anthony Aykut (Jan 03)
- RE: www.hexblog.com down? nodialtone (Jan 03)