nanog mailing list archives

Re: IBM report reviews Internet crime


From: Florian Weimer <fw () deneb enyo de>
Date: Tue, 12 Feb 2008 20:46:24 +0100


* Owen DeLong:

If the vulnerability cannot be corrected through a vendor patch, then
one has to wonder what, exactly, the vulnerability is.

You assume that a vendor patches a vulnerability once they learn about
it.  In my experience, this is not true.  Sometimes it's easy to explain
(product or vendor ceased to exist), sometimes it's not (some cross-site
scripting issues I'm trying to straighten out; minor bugs to you
perhaps, but huge media exposure because of their visibility and
reproducibility--think FDIV bug).

