On 8/18/05, Jason Coombs <[EMAIL PROTECTED]> wrote: > > So there ya go. I suppose you'll > > find something new to complain > > about, or to be rude about. > > Whenever possible, yes. > > It's amazing how much you support Microsoft. Don't you know that it is in the > continued support that you give them that they derive their continued > opportunities to harm others? > > Of course, the more you and others support Microsoft, the more your expertise > grows in value. > > Compare your decision-making and ethics to the decisions made by me and > others who, after hard work and sacrifice to gain over a decade worth of > training, education, skill and work experience with Microsoft products, grew > to understand that it causes harm to the entire world for us to apply that > skill in any fashion that helps Microsoft. > > I swore an oath never again to apply my skills in a way that helps Microsoft. > > ... or to help any other organization that knowingly causes harm with > reckless disregard for the well-being of others. > > Integrity, competency, and those who prove they are good people must be > supported, and anyone who lacks integrity, competency, and has proven they > are bad must be opposed. > > To do otherwise demonstrates the same self-serving and wrong thinking that > enables Microsoft to con its victims in the first place. > > Glad to see Microsoft give an opinion that more clearly explains that their > Windows 2000 product is inherently defective and shouldn't be used if you > intend to connect it to a computer network. > > That was the conclusion that I arrived at after performing a forensic review > of IIS 5.0 -- you'll find my analysis contained within my book about IIS > security: > > http://www.science.org/jcoombs/ > > http://www.forensics.org/IIS_Security_and_Programming_Countermeasures.pdf > > Best, > > Jason Coombs > [EMAIL PROTECTED] > > > -----Original Message----- > From: "Kurt Seifried" <[EMAIL PROTECTED]> > Date: Thu, 18 Aug 2005 11:00:04 > To:<[EMAIL PROTECTED]> > Subject: MS not telling enough > > They just updated MS05-039. > > Windows 2000 systems are primarily at risk from this vulnerability. Windows > 2000 customers who have installed the MS05-039 security update are not > affected by this vulnerability. If an administrator has disabled anonymous > connections by changing the default setting of the RestrictAnonymous > registry key to a value of 2, Windows 2000 systems would not be vulnerable > remotely from anonymous users. However, because of a large application > compatibility risk, we do not recommend customers enable this setting in > production environments without first extensively testing the setting in > their environment. For more information, search for RestrictAnonymous at the > Microsoft Help and Support Web site. > > So there ya go. I suppose you'll find something new to complain about, or to > be rude about. > > -Kurt > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ >
Ok, I think it's time to filter your email from my inbox. Don't take it the wrong way, but I don't care about your fights with some guy named Kurt, or the stupid forensic dudes or the laws or politics of your country. All I care about is securiy, if I ever want to discuss other stuff I'll subscribe to another list, forum, whatever. Have a nice day. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
