Mailinglist Archive: opensuse-security (195 mails)

< Previous Next >
Re: [suse-security] SuSE Security Announcement - make-3.77
  • From: "Peter Folk" <pfolk@xxxxxxxxxxxx>
  • Date: Thu, 02 Mar 2000 10:50:38 PST
  • Message-id: <200003021848.KAA24033@xxxxxxxxxxxxxxx>
Jussi Laako <jussi@xxxxxxxxxxxx> wrote:
>Or are you just pissed off because you couldn't use that bug to exploit few
>systems?
>
>...Just wondering why are you crying about common practice and hiding behind
>anonymity. (You aliases writing style just happens to be common to wanna-be
>crackers who think they are kEwL...)


I just want you to know that I think that is an entirely inappropriate
comment. Many people prefer to protect their privacy and in many respects
I think the 'net would be a much better place if more people did. Just
because he does does not make him a cracker, nor does it invalidate his
opinions (which I happen to share despite my not using an alias or being
a cracker).

If a system is concerned about security, then they should take measures
to follow bug lists and disable services as bugs are discovered to maintain
it. If not, then they will likely not know about the fix when it is re-
leased either, and their system will be open to attack anyway. I see no
reason to withhold information from those who will use it for the sake of
those who (most likely) will not---at least it puts the security folks and
the crackers on (more) even footing.

Pete

< Previous Next >
List Navigation