On Wed, 18 May 2011 18:20:07 PDT, Paul Ferguson said: > Ostrich syndrome revisited.
> "Dillon was not threatened or prevented from speaking. Rather he made > the decision based on the potential negative impact to human life and > the fact that the vendor's proposed mitigation had failed," NSS Labs > Chief Executive Rick Moy said in an e-mail. "ICS-CERT has done a great > job of assisting us with this process and we look forward to Siemens > being able to address the issue for their customers." The proposed mitigation had failed, but we look forward to Siemens being able to fix it somehow. What world do these people live in? The company shipped it broken, then the company couldn't fix it the first time. How many chances you intend to give them? In related news, I'm confident that Playstation Network will be totally secure when they finally get it back up, even though they got pwned twice, shut it down, and then after forcing everybody to change their passwords, they got pwned *again* - via the password change page. https://www.computerworld.com/s/article/9216834/Sony_takes_down_PlayStation_Network_after_URL_error
pgpaifpuu0x7V.pgp
Description: PGP signature
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
