[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] Bill Gates blames the victim
- To: Petr Swedock <petr@xxxxxxxxxxxxxxxxxxxx>
- Subject: Re: [Full-Disclosure] Bill Gates blames the victim
- From: Alexandre Dulaunoy <alexandre.dulaunoy@xxxxxx>
- Date: Wed, 3 Sep 2003 14:58:32 +0200 (CEST)
On 3 Sep 2003, Petr Swedock wrote:
> "Richard M. Smith" <rms@xxxxxxxxxxxxxxxxxxxx> writes (quotes):
>
> ;;
> ;; Q. "The buffer overrun flaw that made the Blaster worm
> ;; possible was specifically targeted in your code reviews
> ;; last year. Do you understand why the flaw that led to
> ;; Blaster escaped your detection?"
> ;;
> ;; A. "Understand there have actually been fixes for all of
> ;; these things before the attack took place. The challenge
> ;; is that we've got to get the fixes to be automatically
> ;; applied without our customers having to make a special effort."
>
> "Don't trust our software. But do trust our patching/update process..."
Don't trust software but trust our software patches...
We can continue the sentence by adding that the special effort is
needed because new bugs are generated by these patches.
Arf.
adulau
--
-- Alexandre Dulaunoy (adulau) -- http://www.foo.be/
-- http://pgp.ael.be:11371/pks/lookup?op=get&search=0x44E6CBCD
-- "Knowledge can create problems, it is not through ignorance
-- that we can solve them" Isaac Asimov
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html