Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Microsoft Security Bulletin (MS00-005)

From: btellier () USA NET (Brock Tellier)
Date: Wed, 19 Jan 2000 12:18:05 CST

Pauli Ojanpera <pauli_ojanpera () HOTMAIL COM> wrote:


They failed to mention me!

If Microsucks wants users to audit their shit they should
at least give the credit to whom the credit is due. Fix
http://www.microsoft.com/security/bulletins/MS00-005faq.asp
credits also.


This seems to be the trend among bloated, closed-source OS's like Microsoft's
Windows and, in my case, SCO's UnixWare/OpenServer.  Although the hackers on
Bugtraq have done more to help their products than their entire team of
well-paid engineers, we recieve absolutely no credit. Credit shouldn't be
given in order to inflate egos, but instead to point out to those who aren't
on the mailing list that Microsoft did not find the hole in question, that the
real work was done by someone else.  Simply because MS/SCO doesn't post source
code in their own advisories doesn't mean they shouldn't have to give credit. 
Whatever happened to intellectual property?  By posting our ideas without due
credit, they are stealing our work and degrading our efforts.

Meanwhile, kudos to some of the vendors who've attempted to do the right
thing.  From personal experience, SuSE and FreeBSD come to mind.

Brock Tellier
UNIX Systems Administrator
Chicago, IL, USA
btellier () usa net

____________________________________________________________________
Get free email and a permanent address at http://www.netaddress.com/?N=1
Previous By Date Next
Previous By Thread Next

Current thread: