Re: [fw-wiz] recent disclosure debates
From: Marcus J. Ranum (mjr@ranum.com)
Date: 12/17/02
- Next message: Reckhard, Tobias: "RE: [fw-wiz] recent disclosure debates"
- Previous message: Marcus J. Ranum: "Re: [fw-wiz] Corporate H/N IPS"
- Maybe in reply to: R. DuFresne: "[fw-wiz] recent disclosure debates"
- Next in thread: Reckhard, Tobias: "RE: [fw-wiz] recent disclosure debates"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "R. DuFresne" <dufresne@sysinfo.com>, "'firewall-wizards@honor.icsalabs.com'" <firewall-wizards@honor.icsalabs.com> From: "Marcus J. Ranum" <mjr@ranum.com> Date: Tue Dec 17 08:17:00 2002
R. DuFresne wrote:
>I'm wondering why all the fingers are pointing so dramatically at ISS and
>why ISC has received little or no heat in the issue.
Probably because ISC wasn't marketing itself based on the
fact that its code was buggy, but ISS was marketing itself
based on the fact that it had found bugs in ISC's code.
As long as customers sit back and keep lapping up the whole
vulnerability-disclosure-as-marketing phenomenon, we'll keep
having to put up with it. I used to think that it'd wear
off but that was 5 years ago, already. I'd expected a
backlash of customer nausea long before now. I guess P.T. Barnum
was wrong: there's one born every _SECOND_.
mjr.
--- Marcus J. Ranum http://www.ranum.com Computer and Communications Security mjr@ranum.com
- Next message: Reckhard, Tobias: "RE: [fw-wiz] recent disclosure debates"
- Previous message: Marcus J. Ranum: "Re: [fw-wiz] Corporate H/N IPS"
- Maybe in reply to: R. DuFresne: "[fw-wiz] recent disclosure debates"
- Next in thread: Reckhard, Tobias: "RE: [fw-wiz] recent disclosure debates"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
