-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sun, 27 Feb 2000, Avi Schwartz wrote:
Actually it makes a whole lot of sense and it is a common practice. Since the bug was *unknown*, it made sense to delay the announcement and give other vendors a chance to fix the bug. Had the announcement gone out immediately it would have given crackers a chance to exploit the bug.
My mistake. I forgot that exploits are only found by the white-hats. As I said before, why notify your users of a security hole that could bring their network to their knees, when you have your competitors respect to worry about? - -- ..Yashy "...you might as well skip the (Christ)mas celebration completely, and instead sit in front of your linux computer playing with the all-new-and-improved linux kernel version." (By Linus Torvalds) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.0 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE4uwtgFM22zL2gTQcRAp3oAJ0e6PgyoW86ZK3vz44uKMlzH6llTgCfUc6x u7lzzWQ/uPXygrKynaSGm6M= =EL6z -----END PGP SIGNATURE-----