From: shamrock@netcom.com (Lucky Green)
To: Rich Graves <cypherpunks@toad.com
Message Hash: b0dee15820b1aa87d595f3a5baed0649177520e35d83967bf508020e620e7878
Message ID: <v02120d2dad17d87fa2cc@[192.0.2.1]>
Reply To: N/A
UTC Datetime: 1996-01-09 08:48:37 UTC
Raw Date: Tue, 9 Jan 1996 16:48:37 +0800
From: shamrock@netcom.com (Lucky Green)
Date: Tue, 9 Jan 1996 16:48:37 +0800
To: Rich Graves <cypherpunks@toad.com
Subject: Re: Microsoft continues to mislead public about Windows security bugs (a bitlong, with references)
Message-ID: <v02120d2dad17d87fa2cc@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain
At 12:01 1/8/96, James A. Donald wrote:
>At 07:15 PM 1/8/96 -0800, Rich Graves wrote:
>>As Microsoft well knows, this is completely untrue. [...]
>>
>> [...]
>>
>>Microsoft has not even admitted that this bug in both Windows 95 and
>>Windows for Workgroups affects Windows for Workgroups, apparently because
>>they have decided not to fix it.
>>
>> [...]
>>
>> We believe that it would be highly irresponsible to release the full
>> version of this hack, but we will soon release a crippled
>> demonstration-only version
>>
>> Is anybody listening?
>
>They will listen if you start to release full uncrippled exploits, after
>a reasonable delay.
Very true. But why does it always seem to take an exploitable crack before
companies pay attention to security flaws? Is it because they are unable to
admit that they have made a mistake? Everybody makes mistakes. What's the
big deal? I really don't understand it. Any psychologists on this list?
-- Lucky Green <mailto:shamrock@netcom.com>
PGP encrypted mail preferred.
Return to January 1996
Return to “shamrock@netcom.com (Lucky Green)”