funsec mailing list archives

Re[3]: www.hexblog.com down?

From: Sean Donelan <sean () donelan com>
Date: Wed, 4 Jan 2006 15:28:43 -0500 (EST)

On Wed, 4 Jan 2006, Pierre Vandevenne wrote:

beats Windows yet. Should our customer data be vulnerable to a
blissfully unaware accountant surfing the web with a vulnerable
system? Or should we disable the functionality we supposedly paid for


This puzzles me a bit.

If you are storing customer data on machines your blissfully unware
account uses to surf the web, what has really changed?

They were vulnerable for years before the public disclosure.
They were potentially exploited during the weeks before the public
disclosure.
They will still be vulnerable to other known vulnerabilities, but not
necessarily public, after this vulnerability is patched.

Ignorance may be bliss, but do you depend on it to keep your customer
data secure?
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

www.hexblog.com down? Fergie (Jan 03)
- Re: www.hexblog.com down? Valdis . Kletnieks (Jan 03)
  - Re: www.hexblog.com down? Rob, grandpa of Ryan, Trevor, Devon & Hannah (Jan 03)
- RE: www.hexblog.com down? Larry Seltzer (Jan 03)
  - Re[2]: www.hexblog.com down? Pierre Vandevenne (Jan 03)
    - Re: Re[2]: www.hexblog.com down? Rob, grandpa of Ryan, Trevor, Devon & Hannah (Jan 03)
    - Re[4]: www.hexblog.com down? Pierre Vandevenne (Jan 03)
    - Re: Re[2]: www.hexblog.com down? nodialtone (Jan 03)
    - Re[3]: www.hexblog.com down? Pierre Vandevenne (Jan 03)
    - Re[4]: www.hexblog.com down? Pierre Vandevenne (Jan 03)
    - Re[3]: www.hexblog.com down? Sean Donelan (Jan 04)
    - Re[4]: www.hexblog.com down? Pierre Vandevenne (Jan 04)
    - Re[4]: www.hexblog.com down? Sean Donelan (Jan 04)
    - Re[5]: www.hexblog.com down? Pierre Vandevenne (Jan 04)
    - Re[5]: www.hexblog.com down? Sean Donelan (Jan 04)
    - Re[6]: www.hexblog.com down? Pierre Vandevenne (Jan 04)
- Re: www.hexblog.com down? Pierre Vandevenne (Jan 03)
  - Re: www.hexblog.com down? Gadi Evron (Jan 03)
    - Re[2]: www.hexblog.com down? Pierre Vandevenne (Jan 03)
- Re: www.hexblog.com down? Rob, grandpa of Ryan, Trevor, Devon & Hannah (Jan 03)
- <Possible follow-ups>
- Re: Re[2]: www.hexblog.com down? Fergie (Jan 03)

(Thread continues...)