[Full-disclosure] How to Report a Security VulnerabilitytoMicrosoft
mcbain at aol.com
mcbain at aol.com
Tue Apr 12 22:28:33 BST 2005
I dont believe even with a staff of 100k people that one could come up with a conceivable testing environment for every possible network setup in this world, could you?
And yes making the disclosure private does earn Billgates more money. But thats not WHY they want it private and honestly , putting your billg flaming aside (lol) , you know thats the truth. 0day and worms which is the alternative, terrorist activity is not what they want.
From: Georgi Guninski <guninski at guninski.com>
To: mcbain at aol.com
Cc: full-disclosure at lists.grok.org.uk
Sent: Wed, 13 Apr 2005 00:14:17 +0300
Subject: Re: [Full-disclosure] How to Report a Security VulnerabilitytoMicrosoft
On Tue, Apr 12, 2005 at 05:00:46PM -0400, mcbain at aol.com wrote:
> The reason for this (from redmond) is they cannot break computers that are out
there. There tolerance has to be even below one percent ,and even that is too
much and finally conceded with them on their points. Also, they do not "patch"
they find the root of the problem which adds more time. So you should be seeing
less workarounds of microsoft patches.
they are breaking computers out there all the time.
so they know their code is a mess, but want the 0day to be private to them
for 5 months so they can profit more. a nice plan.
i thought bill's trusthy computing intiative cured the "root of the
problem" or not? the m$ whores patching holes for several billions worth and
*more* exploits left?
where do you want bill gates to go today?
-------------- next part --------------
An HTML attachment was scrubbed...
Full-Disclosure is hosted and sponsored by Secunia.