[WEB4LIB] Re: Fortres Hack on the Horizon??
Charles F. Bearden
cbearden at ruf.rice.edu
Wed Jun 23 10:59:04 EDT 1999
On Tue, 22 Jun 1999, sean dreilinger wrote:
> Isabel Danforth wrote:
> > There is an email address given for st0rmer. it is one of the free email
> > providers, and I already have sent them an email informing them that this
> > person is involved in cracking security software.
>
> either that, or they're just contributing to the software development
> cycle by demonstrating potential exploits in package xyz (here, fortres)
> and putting an external pressure on the fortres company to secure product
> weaknesses promptly-- instead of letting holes linger, obscure but open,
> for the truly malicious to come and take advantage of your fortres
> installation.
Or they're doing both--cracking *and* inadvertently contributing to
the software development cycle.
I'm inclined to agree with sean that those who publicly expose the
vulnerabilities of systems and software do more good than harm on
balance. Better that developers and system administrators should
know what's out there than that this knowledge should remain the
exclusive province of the '3l33t3'.
Chuck
======================================================================
Chuck Bearden Electronic Resources Librarian Rice University
cbearden at rice.edu 713.527.8101x3634 713.737.5859 (fax)
======================================================================
More information about the Web4lib
mailing list