On 2/13/13 10:46 , Timo Strunk wrote: > There is a very inflammatory article about BOINC on the MDR website, > which blames the University of Berkeley for not fixing security holes,
Indeed, and it clearly shows that neither the "hacker" (see below) nor the MDR have a clue how BOINC works - unfortunately. Good journalism is done differently... > The picture shows the recent php security vulnerability changeset, which > was on our server a day after it went to git. Is this the security hole, > which was reported by the security firm Unnex? Most likely, the interviewed "hacker" is called Matthias Ungethüm who, despite the unusual last name, is in fact the founder of Unnex, a penetration testing "company". While existing security flaws are certainly something that needs urgent fixing, the general tone of this "breaking news" article sounds more like a PR stunt for his own "company" if you ask me. Oliver _______________________________________________ boinc_dev mailing list [email protected] http://lists.ssl.berkeley.edu/mailman/listinfo/boinc_dev To unsubscribe, visit the above URL and (near bottom of page) enter your email address.
