[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Remedy for Getting Off is Patch
- To: Григорий Братислава <musntlive@xxxxxxxxx>
- Subject: Re: [Full-disclosure] Remedy for Getting Off is Patch
- From: Dan Tulovsky <dant@xxxxxxxxxxx>
- Date: Sat, 15 Jan 2011 14:14:09 -0500
This may be a troll, but it reminds me of something a fellow sysadmin
said in a meeting once:
"Firewalls? Who needs firewalls? If you properly maintain your end
system, you don't need a firewall."
2011/1/14 Григорий Братислава <musntlive@xxxxxxxxx>:
> Hello full disclosure!!!
>
> I'd like to warn you about Patches. As is everyone knows, patches
> is are pieces of is software that software manufacturers is make to
> fix their is horrendous programs. Is you not patch, you is get
> owned. Gone is under sixty seconds.
>
> As is say on Wikipedia -- "A security patch is a change applied to
> an asset to correct the weakness described by a vulnerability. This
> corrective action will prevent successful exploitation and remove or
> mitigate a threat’s capability to exploit a specific vulnerability in
> an asset. Security patches are the primary method of fixing security
> vulnerabilities in software. Currently Microsoft releases its
> security patches once a month, and other operating systems and
> software projects have security teams dedicated to releasing the most
> reliable software patches as soon after a vulnerability announcement
> as possible. Security patches are closely tied to responsible
> disclosure."
>
>
> As in say by musntlive -- "A security patch is is a change
> applied is to an asset is to correct ignorance and stupidities of
> developers of is application because is their application is
> ownerizable. This is corrective action and is nothing more than is
> bandaid to prevent temporary exploitation and is remove vulnerability
> for short amount of is time. Security patches is only method of
> vendors like is Microsoft is to cover their осёл. 'Is we is Microsoft
> and is sure we make sloppy software.' All software is beta присоска!
> And is you is stupid for buying is software. Security patches is
> closely tied with sloppy coding and is rushing to market."
>
> Is argue by Thor (who is musntlive respect) as is is arguement by
> Valdis (who is musntlive respect is усы) is Pete Herzog (who is
> musntlive respect) say: 'defense in depth' -- "the more reason to
> implement an array of controls (defense in width) for the interactive
> points rather than rely on patches to fix ONLY the problems you know
> about." Now is musntlive lay smack down on is everyone even is I
> respect all of you.
>
> Is Pete you must understand is I pay $40,000.00 or give 10,000
> little сурок trade for software - I is expect software to is work
> how I want is work. I is build my business on is this application so
> when is code is changed now I is has to maybe accept it yes or is not
> accept it. Is I accept is change is software maybe break my system
> and is cost me money or possibly worse сурок!! Is who присоска
> now!!??!!??
>
> Is patch no answer!! Because is New Year musntlive offers everyone
> fair solution to is fix: OpenBSD. Now is when you have security
> issues since is your machine backdoored is you can ask Theo or the FBI
> to fix is your machine.
>
>
> Thank is you all for support in 2011
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/