[Full-Disclosure] MSIE src&name property disclosure

2004-11-08 Thread Berend-Jan Wever
Hi all, In response to statements found at http://news.com.com/Exploit+code+makes+IE+flaw+more+dangerous/2100-1002_3-5439370.html "Microsoft is concerned that this new report of a vulnerability in Internet Explorer was not disclosed responsibly, potentially putting computer users at risk," the co

Re: [Full-Disclosure] MSIE src&name property disclosure

2004-11-08 Thread Michal Zalewski
On Mon, 8 Nov 2004, Berend-Jan Wever wrote: > In response to statements found at > http://news.com.com/Exploit+code+makes+IE+flaw+more+dangerous/2100-1002_3-5439370.html Yup. But what amuses me most, is the following bit: "Microsoft has begun to investigate the Iframe vulnerability and has no

Re: [Full-Disclosure] MSIE src&name property disclosure

2004-11-08 Thread Dave Aitel
Michal Zalewski wrote: On Mon, 8 Nov 2004, Berend-Jan Wever wrote: In response to statements found at http://news.com.com/Exploit+code+makes+IE+flaw+more+dangerous/2100-1002_3-5439370.html Yup. But what amuses me most, is the following bit: "Microsoft has begun to investigate the Iframe vu

Re: [Full-Disclosure] MSIE src&name property disclosure

2004-11-08 Thread Georgi Guninski
0wning the windoze population is not enough for m$. they also want to 0wn the intellectual property of bugs and exploits in their warez. as much as i love them, i must admit they are lamers. -- where do you want bill gates to go today? On Mon, Nov 08, 2004 at 12:40:08PM +0100, Berend-Jan Wever

Re: [Full-Disclosure] MSIE src&name property disclosure

2004-11-08 Thread Elia Florio
Common laws in IT-security: I° Micro$oft bugs law : "a bug is a bug only if found in competitor's software (or if it could be used in any commercial report to show Windoze better&stronger than other OSes)." II° Micro$oft bugs law : "Windoze has only bugs that M$ said it has; every other bug, foun

Re: [Full-Disclosure] MSIE src&name property disclosure

2004-11-08 Thread Paul Schmehl
--On Monday, November 08, 2004 03:13:57 PM +0100 Michal Zalewski <[EMAIL PROTECTED]> wrote: Several days later, this statement surfaces in an article, showing beyond any doubt that they are, quite simply, lying to the public to save face and gain time. As much as I am not a rabid Microsoft hater,

Re: [Full-Disclosure] MSIE src&name property disclosure

2004-11-08 Thread Georgi Guninski
On Mon, Nov 08, 2004 at 01:33:17PM -0600, Paul Schmehl wrote: > Never attribute to malice what can be explained by incompetence. Most > likely what happened is the left hand (PR) didn't know what the right hand > (secure@) was doing. > suppose your logic were right. so, when m$ pr talk, they d

Re: [Full-Disclosure] MSIE src&name property disclosure

2004-11-08 Thread Michal Zalewski
On Mon, 8 Nov 2004, Paul Schmehl wrote: [ Moderators - feel free to kill this ] > Never attribute to malice what can be explained by incompetence. Most > likely what happened is the left hand (PR) didn't know what the right > hand (secure@) was doing. Highly unlikely; Microsoft Security Respo

Re: [Full-Disclosure] MSIE src&name property disclosure

2004-11-08 Thread Gadi Evron
Dave Aitel wrote: > This is another reason why studies comparing Microsoft's security to Open Source security are always bizarre. They compare the entire set of Linux vulnerabilities to a tiny subset of the bugs Microsoft knows about, but pretends other people don't. WINS is a classic example.

RE: [Full-Disclosure] MSIE src&name property disclosure

2004-11-15 Thread joe
How is it an example? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dave Aitel Sent: Monday, November 08, 2004 9:49 AM To: Michal Zalewski Cc: Berend-Jan Wever; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: [Full-Disclosure] MSIE src&name prop

RE: [Full-Disclosure] MSIE src&name property disclosure

2004-11-15 Thread joe
ailto:[EMAIL PROTECTED] Sent: Monday, November 15, 2004 3:38 PM To: joe Cc: 'Michal Zalewski'; 'Berend-Jan Wever'; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: [Full-Disclosure] MSIE src&name property disclosure That's a good question for your Microsoft sales rep. If yo

Re: [Full-Disclosure] MSIE src&name property disclosure

2004-11-15 Thread Dave Aitel
Berend-Jan Wever; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: [Full-Disclosure] MSIE src&name property disclosure WINS is a classic example. ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosur

Re: [Full-Disclosure] MSIE src&name property disclosure

2004-11-15 Thread Dave Aitel
Sent: Monday, November 15, 2004 3:38 PM To: joe Cc: 'Michal Zalewski'; 'Berend-Jan Wever'; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: [Full-Disclosure] MSIE src&name property disclosure That's a good question for your Microsoft sales rep. If you want technical detail

Re: [Full-Disclosure] MSIE src&name property disclosure

2004-11-16 Thread Micheal Espinola Jr
Not to be a smart-ass, but - sales reps typically don't know technical details, nor should they. Got link/more info/etc as to what you are referring to? On Mon, 15 Nov 2004 15:37:42 -0500, Dave Aitel <[EMAIL PROTECTED]> wrote: > > > That's a good question for your Microsoft sales rep. If you w

Re: [Full-Disclosure] MSIE src&name property disclosure ("E" - GORILLA WAR stratigy? )

2004-11-08 Thread bipin gautam
huh! Reviewing all the latest IE advisories, i believe they are in a way attacking M$. So that its customers are forced to choose another browser... due to the security risks involved. I will rate it as a birth of "E" - GORILLA WAR strategy? (o; of the minorities. Can a company sue a pers

Re: [Full-Disclosure] MSIE src&name property disclosure ("E" - GORILLA WAR stratigy? )

2004-11-08 Thread kf_lists
HP Tried... -KF Can a company sue a person, for publishing irresponsible sec. advisories as such? No offence. I just wanna know your views. After all, the haxor is reverse engineering the software. I don't know if M$ will ever fire a case against such ppl. in future with a propaganda, TO PROTECT ITS

Re: [Full-Disclosure] MSIE src&name property disclosure ("E" - GORILLA WAR stratigy? )

2004-11-08 Thread jamie fisher
Can a company sue a person, for publishing irresponsible sec. ...   >>  Don't know; Internet law is still very unclear in so many areas.   I found a shitty security issue in CyberGuard Firewall/Proxy some time ago; they were pretty upset about it.  Went to the top as far as I understand it, to Pau