-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 7 Mar 2000, Petri Sirkkala. wrote:
I don't care if it is a FUD or not. I only react to those mails originating from SuSE or the real vendors of the programs. These are of course the parties that need the exploits to verify the bug, and then send the _official_ security issues.
I did not say _only_ suse. But so far I trust only the ones I can verify myself. This is what everyman has to determine themselves.
I would love to be able to trust SuSE, on the same token I can't afford to wait while they notify their peers. So instead I have to lurk everywhere I can, such lists as bugtraq etc, and even areas that contain members of the "darkside". I prefer to be notified ASAP about exploits, not when it's "convenient". - -- ..Yashy When you say "I wrote a program that crashed Windows", people just stare at you blankly and say "Hey, I got those with the system, *for free*".' (By Linus Torvalds) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.0 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE4xQJuFM22zL2gTQcRAoMSAKCAMGMKgbo6nQFgPogygeJOgrd/AwCeKLow Btw/hm6ZN2bSb1f+kARLkcY= =Wd5L -----END PGP SIGNATURE-----