Bugtraq mailing list archives
Re: Microsoft Security Bulletin (MS00-005)
From: btellier () USA NET (Brock Tellier)
Date: Wed, 19 Jan 2000 12:18:05 CST
Pauli Ojanpera <pauli_ojanpera () HOTMAIL COM> wrote:
They failed to mention me! If Microsucks wants users to audit their shit they should at least give the credit to whom the credit is due. Fix http://www.microsoft.com/security/bulletins/MS00-005faq.asp credits also.
This seems to be the trend among bloated, closed-source OS's like Microsoft's Windows and, in my case, SCO's UnixWare/OpenServer. Although the hackers on Bugtraq have done more to help their products than their entire team of well-paid engineers, we recieve absolutely no credit. Credit shouldn't be given in order to inflate egos, but instead to point out to those who aren't on the mailing list that Microsoft did not find the hole in question, that the real work was done by someone else. Simply because MS/SCO doesn't post source code in their own advisories doesn't mean they shouldn't have to give credit. Whatever happened to intellectual property? By posting our ideas without due credit, they are stealing our work and degrading our efforts. Meanwhile, kudos to some of the vendors who've attempted to do the right thing. From personal experience, SuSE and FreeBSD come to mind. Brock Tellier UNIX Systems Administrator Chicago, IL, USA btellier () usa net ____________________________________________________________________ Get free email and a permanent address at http://www.netaddress.com/?N=1
Current thread:
- Re: Microsoft Security Bulletin (MS00-005) Pauli Ojanpera (Jan 19)
- <Possible follow-ups>
- Re: Microsoft Security Bulletin (MS00-005) Brock Tellier (Jan 19)
- Re: Microsoft Security Bulletin (MS00-005) Microsoft Product Security Response Team (Jan 21)