Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Office 10 applications & flashdrives can be used to browse restricted drives

From: "Jay D. Dyson" <jdyson () treachery net>
Date: Sat, 26 Feb 2005 13:32:34 -0800 (PST)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sat, 26 Feb 2005, Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] wrote:


Go back and read the original post.
Why? I'm not even replying to the original post. I couldn't give a good rip about the original post. 


"VENDOR RESPONSE
First mistake. I take every vendor response with a grain of salt since it's always run through their PR department and their corporate lawyers before we ever get treated to the watered-down (and usually fact-free) missive that they design to toss at us like so many table scraps. Those of us who have been around long enough will starkly recall the "vendor response" that Ford Motor Company had when its Pintos developed a penchant for exploding when rear-ended. Nufsed.
Whether or not you want to cut Microsoft some slack... there's a process of ethical and responsible disclosure that I would expect Sonny as a representative of a governmental agency would understand. He not only put his own government computers at risk but others in this disclosure, yes?
In my book, Microsoft is the entity that put those systems at risk with their shoddy malware. Sonny only showed that the flaw existed. I'll leave it to the philosophy majors to debate the ethics of the issue. Personally, I believe in full disclosure. And considering that Microsoft has (for want of a better expression) money coming out of its butt, I should think they'd be able to spend that money in a fashion that would put security first...and quick.
And I'm glad your SP2 implementation went well. I had to deal with VPNs when SP2 rolled out. If you'd had to, your outlook on that service pack would be decidely less than cheery. 

- -Jay

  (    (                                                        _______
  ))   ))   .-"There's always time for a good cup of coffee"-.   >====<--.
C|~~|C|~~| (>----- Jay D. Dyson -- jdyson () treachery net -----<) |    = |-'
 `--' `--'  `-I just started World War III.  You're welcome.-'  `------'

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (TreacherOS)
Comment: See http://www.treachery.net/~jdyson/ for current keys.

iD8DBQFCIOr5BYoRACwSF0cRAhtNAJ0VuDDs2yPVS722o67lIs/JgEyX9wCeIfi9
uJ/xN56JliAYBfIrVorn2P4=
=Mg87
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: