1995-09-28 - Re: WSJ on Netscape Hole 3

Header Data

From: sameer <sameer@c2.org>
To: cman@communities.com (Douglas Barnes)
Message Hash: 6d472db18afb7c4fbe70c5ed2650285e85a66825f6f01c0c343e84ed213a1eaa
Message ID: <199509280317.UAA05182@infinity.c2.org>
Reply To: <v02120d06ac8f74e7796e@[199.2.22.120]>
UTC Datetime: 1995-09-28 03:22:56 UTC
Raw Date: Wed, 27 Sep 95 20:22:56 PDT

Raw message

From: sameer <sameer@c2.org>
Date: Wed, 27 Sep 95 20:22:56 PDT
To: cman@communities.com (Douglas Barnes)
Subject: Re: WSJ on Netscape Hole 3
In-Reply-To: <v02120d06ac8f74e7796e@[199.2.22.120]>
Message-ID: <199509280317.UAA05182@infinity.c2.org>
MIME-Version: 1.0
Content-Type: text/plain


> As for objections about how worthwhile this is, it's pretty clear
> that a patch will be available for this problem before we can finish
> and publicize an exploit.

	Which makes an exploit all the more useful. If an exploit was
published well before a patch would be available, people would make
accusations that the exploit publisher was aiding
vandalism. (Warranted or not, 8lgm gets these accusations, etc.)
Publishing the exploit after the patch is available means more of an
incentive to go get the patched version. I for one, haven't picked up
the patched netscape yet.

-- 
sameer						Voice:   510-601-9777
Community ConneXion				FAX:	 510-601-9734
An Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.org (or login as "guest")			sameer@c2.org




Thread