RE: Microsoft knew about the WMF flaw for years

["Thomas Mannfred Carlsson" <thomas () carlsson fm>]

On 16 Jan 2006 at 10:48, Larry Seltzer wrote:

> And Toulouse's explanation also makes it clear, as if 
> it already weren't, that Gibson pulled his crackpot 
> theory out of his ass and it has no real basis. He 
> really ought to have apologized by now.

It really does seem a bit odd (given that Ilfak's tester's source 
code was available for review) that during the 24 hours Gibson was 
looking at this issue he (apparently?) didn't consider checking his 
results against available information on the vulnerability (if for no 
other reason only so that he could make an announcement about a new 
WMF flaw, if it turned out that his "backdoor" was something 
different from what had been published to date).

Given the seriousness of the (apparently false) allegation I wouldn't 
be surprised if the guy was taking some legal counsel right now, 
before making any other public statements..

Best Regards,

Thomas

-- 
  Thomas Mannfred Carlsson
  Researcher/Consultant
  e-mail: thomas () carlsson fm
  Public PGP key: http://www.beige.org/pgp.txt

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.