RE: Complicated Disclosure Scenario

From: Jose Nazario (joseat_private)
Date: Thu Jan 17 2002 - 13:49:41 PST

Next message: Florian Hobelsberger / BlueScreen: "Re: Odd MSIE html parsing"

Previous message: Len Rose: "Re: cgate soli86"
In reply to: Dom De Vitto: "RE: Complicated Disclosure Scenario"
Next in thread: Jeff Nathan: "Re: Complicated Disclosure Scenario"
Next in thread: Nathan Anderson: "RE: Complicated Disclosure Scenario"
Reply: Jeff Nathan: "Re: Complicated Disclosure Scenario"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 17 Jan 2002, Dom De Vitto wrote:

> Ethics indicates that in order to protect users, public disclosure
> (full or limited) is the only remaining way to protect users - either
> because the don't use the product, or because the vendor fixes it due
> to public pressure.

if you wanna feel better about it, include some workarounds for people to
use it a bit safer, or supply, if possible, an alternative. then you have
more than adequately covered your bases.

____________________________
jose nazario						     joseat_private
	      	     PGP: 89 B0 81 DA 5B FD 7E 00  99 C3 B2 CD 48 A0 07 80
				       PGP key ID 0xFD37F4E5 (pgp.mit.edu)

Next message: Florian Hobelsberger / BlueScreen: "Re: Odd MSIE html parsing"
Previous message: Len Rose: "Re: cgate soli86"
In reply to: Dom De Vitto: "RE: Complicated Disclosure Scenario"
Next in thread: Jeff Nathan: "Re: Complicated Disclosure Scenario"
Next in thread: Nathan Anderson: "RE: Complicated Disclosure Scenario"
Reply: Jeff Nathan: "Re: Complicated Disclosure Scenario"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Jan 17 2002 - 20:07:32 PST