Wouldn't it be wonderful if we could have this discussion without mentioning
the M-word?
It seems to me that the OS vendor's ethical obligation is to produce the
most secure platform they reasonably can and to fix any and all problems in
it for free. Beyond that, lots of security problems exploit
r approach, I'd love to hear it.
--
Scott Blake
BindView's RAZOR Team
http://razor.bindview.com/
> -Original Message-
> From: Bugtraq List [mailto:[EMAIL PROTECTED]]On
> Behalf Of Marc
> Sent: Tuesday, February 29, 2000 9:07 PM
> To: [EMAIL PROTECTED]
> Su
ere at all. One could make a case that there should be, but the bug in
password changing is hardly relevant to that. Finally, tech support's
recommendation that the password be removed from the DB is perfectly
reasonable when you consider that it is utterly useless anyway.
-----
Scott Blake
[