Bugtraq mailing list archives
RE: Followup: vuln in WinBlox monitor for winnt
From: "Drew Copley" <dcopley () eeye com>
Date: Wed, 31 Mar 2004 10:36:14 -0800
-----Original Message----- From: Oliver Lavery [mailto:oliver.lavery () sympatico ca] Sent: Tuesday, March 30, 2004 1:11 PM To: bugtraq () securityfocus com Subject: Followup: vuln in WinBlox monitor for winnt
<snip>
That's it. No pissing competition. Liu's onto something very good here, but as anyone who installs MS patches will tell ya, you've got to see the full implications of a fix before you choose to apply it. Until this thing gets rewritten properly, and follows even the most basic principals of secure coding, it'll cause more problems than it fixes, in my opinion. I firmly believe that these sorts of tricks have tonnes of potential and are going to become even more common in the future of the "so called security community" tho' ;)
<snip> Honestly, most [95%+-] "beta" or "alpha" programs do "cause more problems then they fix". Liu Die Yu is relatively new at development, but he is relatively new at finding bugs -- and he has succeeded substantially at that. I do not doubt that he will succeed substantially at this. And, all of this is yet another great reason to immediately put code opensource at an excellent hosting spot like sourceforge... even from the design phase, but especially from the alpha release stage. Then you have the ability to have others to help out... and you have such neat, modern resources such as bug databases and submission forms. I do not think Liu Die Yu will take half a year or more to fix his bugs.
Current thread:
- Followup: vuln in WinBlox monitor for winnt Oliver Lavery (Mar 31)
- <Possible follow-ups>
- RE: Followup: vuln in WinBlox monitor for winnt Drew Copley (Mar 31)
- RE: Followup: vuln in WinBlox monitor for winnt Oliver Lavery (Mar 31)