Re: End of all Open Source.
From: Mark H. Wood (mwood@mhw.ULib.IUPUI.Edu)
From: "Mark H. Wood" <mwood@mhw.ULib.IUPUI.Edu> Date: Thu, 6 Mar 2003 14:38:43 +0000 (UTC)
In comp.security.misc Barry Margolin <firstname.lastname@example.org> wrote:
> In article <email@example.com>,
> Bradley Bungmunch <Bradley@Bungmunch.com> wrote:
>>If this bug had been announced straight away, it would also have been
>>fixed almost immediately. Instead they kept it quiet and it took three
>>months for a fix to be issued.
> Yet, as far as we know, it was never exploited during that time. So the
> system seemed to work.
Yes, "as far as we know". I had to wonder if part of the reason for the
delay was that the intel. guys weren't through using it. :-/
> Telling people about a vulnerability without providing practical solutions
> is like the terror alerts that out government keeps announcing. I'm just
> not sure what the analogy is to sealing your house with plastic and duct
> tape. :)
Those total-network-security-in-a-box products come to mind.
-- Mark H. Wood, Lead System Programmer mwood@IUPUI.Edu MS Windows *is* user-friendly, but only for certain values of "user".