Forwarded from: Darren Reed <darrenrat_private> Subject: Re: [ISN] MS to force IT-security censorship In some email I received from InfoSec News, sie wrote: [...] > Worse, we have here a recipe for establishing a monopoly on > vulnerability data like the little cabal of greedy insiders who > run the anti-virus industry, and who control access to information > with a stranglehold which protects nothing so much as their > revenue stream. The question you have to ask yourself is this: is the information M$ will be providing any better than what you get via bugtraq ? If the M$ information is still largely dependant on independant people reporting things to M$ as well as bugtraq, it's hard to see how they are adding anything of value. If M$ are so intent on creating a special class of priviledged users then they may well find themselves on the raw end of the stick - getting reports after (or at the same time as) bugtraq or some other forum specifically setup for this purpose. That is unless there have been (a) gaping huge security holes which have not been found by hackers and have been closed, on the quiet, by M$ or (b) reports of such which have gone to M$ and not bugtraq. Microsoft is forgetting, I think, who they owe their bug reports to and that is to say it's largely not Microsoft's internal R&D. Darren - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Tue Nov 06 2001 - 07:14:10 PST