Free Republic
Browse · Search 		News/Activism
Topics · Post Article

To: ArcLight

"There ought to be a "decent interval" between the discovery of the breach and its public revelation."

Go back and read the story. You have your facts all wrong.
A tool found the crash and the guy asked for help in determining why. Someone else found th actual problem. It was a colaborative discovery. Neither person alone found or published the exploit. It was readily replicatable every time you pointed this tool at a microsoft browser.

Microsoft STILL has not published a fix.

Had this been Nozilla, or Opera, or Konqueror browser the fix would be in WIDE distribrution already.


8 posted on 11/11/2004 2:49:48 PM PST by konaice
[ Post Reply | Private Reply | To 4 | View Replies ]

To: konaice
"There ought to be a "decent interval" between the discovery of the breach and its public revelation."

Yeah, that will give the people who actually know about it time do their exploits undisturbed.

11 posted on 11/11/2004 3:05:59 PM PST by glorgau
[ Post Reply | Private Reply | To 8 | View Replies ]
To: konaice

Good point. Still, the people working on the problem would have done better to carry on their discussion on a private e-mail list rather than in public. In all fairness, many private bug hunters would not think to do this. But it's the right way to investigate a security problem.


12 posted on 11/11/2004 3:07:29 PM PST by ArcLight
[ Post Reply | Private Reply | To 8 | View Replies ]

Free Republic
Browse · Search 		News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson