On 3/1/2012 6:52 AM, David Cole wrote:
This is not just despicable, under today's law, it is actually criminal! Any vendor who does this could be (and should be) jailed in criminal courts and sued out of existence in civil courts. I do not know who is doing this, but I believe utmost pressure must be brought to bear upon that vendor so that it will commit every resource to removing the breach from its products.
Just to clear: intercepting the FLIH does not itself constitute an exposure and, as far as state changes go, the checking and requirements could be complete enough to avoid any integrity problem. For example, the methodology could be similar to that employed by IBM's IGX00011 "magic" SVC and its intended caller. Unless someone can prove there really is an exposure, which to my knowledge has not been done, I suggest that passing such judgment is premature. -- Edward E Jaffe Phoenix Software International, Inc 831 Parkview Drive North El Segundo, CA 90245 310-338-0400 x318 [email protected] http://www.phoenixsoftware.com/
