Re: Security through obscurity, etc.

David Miller (isdmill@gatekeeper.ddp.state.me.us)
Tue, 13 Dec 1994 09:36:32 -0500 (EST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: James M. Chacon: "Re: Security through obscurity, etc."
Previous message: Christopher Samuel: "No more religious wars please! (was Re: Security through obscurity,"
In reply to: Jason Matthews: "Re: Security through obscurity, etc."
Next in thread: Richard Forno: "Re: Security through obscurity, etc."

On Mon, 12 Dec 1994, Jason Matthews wrote:

> On Tue, 29 Nov 1994, That Whispering Wolf... wrote:
> 
[...]
> > Well, this is just my $.02. I think if 8lgm continues they way they're
> > going (with things like their SCO 'login' problem -- Which basically said "There's a bug, no fix and no workaround, so nyah"), I'd rather just see them 
> > go away. I echo Pat's comments (I think that was Pat) about only needing
> > one CERT.
> 
> I would rather have 8lgm then CERT. 
> 
> Jason

So would I.  And the reason for this is that with 8lgm there is a 
credible threat for near term disclosure: enough of a threat to force the 
vendors to react.  Reporting bugs to CERT does nothing to motivate vendors.

--- David
----------------------------------------------------------------------------
		It's *amazing* what one can accomplish when 
		    one doesn't know what one can't do!

Next message: James M. Chacon: "Re: Security through obscurity, etc."
Previous message: Christopher Samuel: "No more religious wars please! (was Re: Security through obscurity,"
In reply to: Jason Matthews: "Re: Security through obscurity, etc."
Next in thread: Richard Forno: "Re: Security through obscurity, etc."