On Sun, 20 Aug 2006 16:24:44 -0300 "Shmuel Metz (Seymour J.)" <[EMAIL PROTECTED]> wrote:
:>In <[EMAIL PROTECTED]>, on 08/19/2006 :> at 08:28 PM, john gilmore <[EMAIL PROTECTED]> said: :>>I have not exploited these weaknesses for fun or profit, :>I have, but that was before MODESET provided a cleaner and supported :>way to get into key zero. I've also APARed those weaknesses that I :>discovered. :> 05F0 :> 0A0C :>>but I cannot as a practical matter spend time writing up a PMR every :>> time I identify a possible security flaw. :>Why? How often do ou encounter them? Once a decade? Less? :>>That is not my job. :>Are you responsible for keeping your system up? Isn't it your job to :>correct a problem capable of taking your system down? :>>'Decent obscurity' makes some things unavailable, or at least very :>>much more difficult of access, to the unlearned; and this is :>>useful. :>You're playing Russian Roulette with your system. My guess is that he is supplying a touch of BS or he has some improperly installed hooks, aka the JSCBAUTH SVC. I remember in the past that I could find something like this on almost any system. But it is not APARable as the installation is creating the integrity hole. -- Binyamin Dissen <[EMAIL PROTECTED]> http://www.dissensoftware.com Director, Dissen Software, Bar & Grill - Israel Should you use the mailblocks package and expect a response from me, you should preauthorize the dissensoftware.com domain. I very rarely bother responding to challenge/response systems, especially those from irresponsible companies. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html