Hey, Absolutely ditto on this one. I'll mention this, since it's come up in public discussion, but apparently a UK government agency (equivalent of the NIPC in the US, I forget their exact name) has been contacting lots of large companies regarding preventative countermeasures, and telling them to (a) not pass it on (yeah right) and (b) NOT contact any manufacturers about details until the 21st. No advice given beyond "Enable MD5. Shh. Don't tell anyone. Top secret. You never saw us."
So yeah, I've gotten exactly the same sort of response. Great coordinated security activity there. -John ---------- Original Message ----------- From: Viktor Steinmann <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Sent: Mon, 19 Apr 2004 11:52:27 +0200 Subject: Re: [swinog] MD5 Hype > Same here.... all I hear when asking some people who *know* what's > going on give more or less an answer sounding like: > > "I could tell you, but then I'd have to kill you"... > > Cheers, > Viktor > > On Montag, 19. April 2004 11.37, Alexander Bochmann wrote: > > Hi, > > > > ...on Sat, Apr 17, 2004 at 11:21:24AM +0200, Fredy Kuenzler wrote: > > > We got dozens of MD5 requests in the last 48 hours, so I guess it must > > > be a really big mess. > > > > It seems it's more like only very few people know > > how big the mess is, and all the info I can get > > (as almost everyone else, it seems) is in the line > > of "yes, there is a problem, but we can't tell you > > what it is - using MD5 will help, though". > > > > I still don't think this is a responsible way > > to deal with a vulnerability that is rumored to > > affect basic internet infrastructure - seems more > > like some people who bought an advance notification > > service from some security company or router vendor > > want to see their investment pay off. > > > > Alex. > ---------------------------------------------- > [EMAIL PROTECTED] Maillist-Archive: > http://www.mail-archive.com/swinog%40swinog.ch/ ------- End of Original Message ------- ---------------------------------------------- [EMAIL PROTECTED] Maillist-Archive: http://www.mail-archive.com/swinog%40swinog.ch/
