[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Bill Gates blames the victim

To: "Richard M. Smith" <rms@xxxxxxxxxxxxxxxxxxxx>
Subject: Re: [Full-Disclosure] Bill Gates blames the victim
From: Petr Swedock <petr@xxxxxxxxxxxxxxxxxxxx>
Date: 03 Sep 2003 08:13:37 -0400

"Richard M. Smith" <rms@xxxxxxxxxxxxxxxxxxxx> writes (quotes):

   ;; 
   ;;    Q. "The buffer overrun flaw that made the Blaster worm 
   ;;    possible was specifically targeted in your code reviews 
   ;;    last year. Do you understand why the flaw that led to 
   ;;    Blaster escaped your detection?"
   ;; 
   ;;    A. "Understand there have actually been fixes for all of 
   ;;    these things before the attack took place. The challenge 
   ;;    is that we've got to get the fixes to be automatically 
   ;;    applied without our customers having to make a special effort."

"Don't trust our software. But do trust our patching/update process..."

Nice.

Peace,

Petr

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- Re: [Full-Disclosure] Bill Gates blames the victim
  - From: Alexandre Dulaunoy

References:
- [Full-Disclosure] Bill Gates blames the victim
  - From: Richard M. Smith

Prev by Date: [Full-Disclosure] Scanning the PCs for RPC Vulnerability
Next by Date: [Full-Disclosure] Most Important Vulnerabilities - August 2003
Previous by thread: Re: [Full-Disclosure] Bill Gates blames the victim
Next by thread: Re: [Full-Disclosure] Bill Gates blames the victim
Index(es):
- Date
- Thread