Quoting Yasholomew Yashinski (yashy@yashy.com) on Wed, Mar 08, 2000 at 04:06:15PM -0500:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Wed, 8 Mar 2000, Andreas Siegert wrote:
Could you please stop that useless discussion.
Discussing security announcments is useless discussion? Are you saying that on behalf of SuSE?
Discussing security announcements is not useless. Repeating old discussions without new content is useless.
What were the results of the bugtraq thread? Exploits are posted there as they are discovered. Perhaps if someone (yourself?) would make a stand on SuSE's take of the situation, the thread will be ended. In the meantime we'll have to debate our opinions which hopefully have some reflection on the opinions of SuSE, as the vendor. As Linux makes itself mainstream, large corporations have identified that, and will have to choose a vendor to use. I believe SuSE to be the best option currently, I just hope they can maintain that standpoint for me. I would like to present a vendor to my employer that releases bleeding edge exploits. Calling a client's issues "useless" is hardly a professional way to react. I would recommend satisfying the customers needs, and not making fun of their issues.
I do not call clients opinions useless. I did not say in any words anything about release policies. I did not make fun of anyone. Please read what I wrote exactly. SuSE, like most vendors does not release exploits. We release warnings as soon as we can provide our users with a fix or workaround. Sometime this does not happen as fast as we would like it to happen. But we are only human after all. cheers afx -- SuSE Muenchen GmbH Phone: +49-89-42769-0 Stahlgruberring 28 Fax: +49-89-42017701 D-81829 Muenchen, Germany May the Source be with you!