OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
Bugtraq Archives: Re: Microsoft Security Bulletin (MS00-005)

Re: Microsoft Security Bulletin (MS00-005)

Subject: Re: Microsoft Security Bulletin (MS00-005)
From: Brock Tellier (btellierUSA.NET)
Date: Wed Jan 19 2000 - 12:18:05 CST

Pauli Ojanpera <pauli_ojanperaHOTMAIL.COM> wrote:
>
> They failed to mention me!
>
> If Microsucks wants users to audit their shit they should
> at least give the credit to whom the credit is due. Fix
> http://www.microsoft.com/security/bulletins/MS00-005faq.asp
> credits also.

This seems to be the trend among bloated, closed-source OS's like Microsoft's
Windows and, in my case, SCO's UnixWare/OpenServer. Although the hackers on
Bugtraq have done more to help their products than their entire team of
well-paid engineers, we recieve absolutely no credit. Credit shouldn't be
given in order to inflate egos, but instead to point out to those who aren't
on the mailing list that Microsoft did not find the hole in question, that the
real work was done by someone else. Simply because MS/SCO doesn't post source
code in their own advisories doesn't mean they shouldn't have to give credit.
Whatever happened to intellectual property? By posting our ideas without due
credit, they are stealing our work and degrading our efforts.

Meanwhile, kudos to some of the vendors who've attempted to do the right
thing. From personal experience, SuSE and FreeBSD come to mind.

Brock Tellier
UNIX Systems Administrator
Chicago, IL, USA
btellierusa.net

____________________________________________________________________
Get free email and a permanent address at http://www.netaddress.com/?N=1

This archive was generated by hypermail 2b27 : Thu Jan 20 2000 - 14:09:20 CST