[17827] in bugtraq
Re: Submission
daemon@ATHENA.MIT.EDU (Robert G. Ferrell)
Tue Nov 28 17:54:47 2000
Mime-Version: 1.0
Content-Type: TEXT/plain; charset=us-ascii
Content-Md5: JhErBYl2VsjP8fmFDMeHhQ==
Message-Id: <200011271856.MAA01981@rgfsparc.cr.usgs.gov>
Date: Mon, 27 Nov 2000 12:56:26 -0600
Reply-To: "Robert G. Ferrell" <root@rgfsparc.cr.usgs.gov>
From: "Robert G. Ferrell" <root@RGFSPARC.CR.USGS.GOV>
To: BUGTRAQ@SECURITYFOCUS.COM
> It seems
>to me that people like Georgi Guninski while they claim to support full
>disclosure obviously
>support it for reasons other than the good of the security community.
Without venturing into the dangerous psychological territory of second-guessing
people's motivations, I feel it is time once again to point out that none of
this would be relevant if application developers would do their own security
reviews prior to releasing their software, rather than letting the rest of the
world do it for them, free of charge. Having a large, ridiculously wealthy
corporation call someone 'discourteous' or 'irresponsible' after rushing to
release software that endangers thousands of systems and terabytes of data is
bordering on the comically absurd, or would be if it weren't so needlessly
tragic.
Perspective, folks. That's what it's all about.
Cheers,
RGF
Robert G. Ferrell, CISSP
========================================
Who goeth without humor goeth unarmed.
========================================
