-----BEGIN PGP SIGNED MESSAGE-----
At 12:00 AM 10/8/2004 GMT, Jason Coombs PivX Solutions wrote:
The longer one chooses non-disclosure, and the more willfully one
does so, the less 'good' that disclosure appears - particularly
after considering all of the technical truths about information
security research and reverse engineering that you so carefully and
corectly articulated.
Immediate full disclosure that cannot be disputed and leaves no room
for debate immediately helps anyone who chooses to receive and
consider the disclosure. Everything else serves only to delay and
obscure that clear and urgent security alert communique, increasing
the window of exposure and the Total Risk of Ownership needlessly.
So everyone can expect immediate and full disclosure from PivX
effective immediately? May I suggest you start with all the details
regarding "unpatched," resurrection of that page, followed by
"immediate and full" disclosure of every bug PivX has contacted
Microsoft and every other vendor about. Ever. "Immediate and full"
after all.
-----BEGIN PGP SIGNATURE-----
Version: PGP 7.0
Comment: Hacker=Cybercriminal The definition changed get over it
iQCVAwUBQWbgQvGfiIQsciJtAQFTvQQAm2AdB/37SyVgaG3Qndg9kWHo84qy3TW3
YdQFUOHbj/gtZUTiM3TyK5xSEySO3r12QiovGquhJpt0DaSaHFFBb3NovEdK9nn7
c/3HM23dNpNB1iKkEINgpRu1Zs03orx1pLXRXHr3OGz5UTxb2quGkNQwYTldypfl
h9m2FJrMbN4=
=fOWg
-----END PGP SIGNATURE-----
--
Regards,
/"\
David Kennedy CISSP \ / ASCII Ribbon Campaign
Protect what you connect; X Against HTML Mail
Look both ways before crossing the Net. / \
--
NTBugtraq Editor's Note:
Want to reply to the person who sent this message? This list is configured such
that just hitting reply is going to result in the message coming to the list,
not to the individual who sent the message. This was done to help reduce the
number of Out of Office messages posters received. So if you want to send a
reply just to the poster, you'll have to copy their email address out of the
message and place it in your TO: field.
--
