Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

RE: Re: MS Security Response is a bunch of half-witted morons
From: "Andrew Aris" <andrew () dev bigfishinternet co uk>
Date: Mon, 15 Mar 2004 10:02:12 -0000

Nick,

As much as I agree with you that this is someting of a blunder by
Microsoft's web design people and that it does give out an impression of a
bad attitude towards security rather than being a huge risk per-se (not
saying that there is no risk involved). In fact I agree with more or less
all the points you make that despite their recent efforts (and it has to be
said improvements) that they still have a very long way to go before they
are really on top of the security issue.

This section of the e-mail this section:

Contains confidential and/or proprietary information.

Wow!

Really?

What bits precisely?

No, seriously, I need to know so I can avoid ever using that 
information in anything I may say, write or produce in 
future.  After all, you went to the trouble of warning me, 
therefore it would probably be negligent of me to not 
ascertain precisely what it is that I should be careful to 
not infringe against in the future...

May not be copied or disseminated without express consent of The 
Goodyear Tire & Rubber Company

Sh*te -- I just did and without express consent from your employer.

And so did the admins of these mailing lists.  Do you really 
think The Goodyear Tire & Rubber Company will mind?

Hmmmm -- thinking about it a bit harder, did _YOU_ have the 
_express_ consent of The Goodyear Tire & Rubber Company to 
post some of its "confidential and/or proprietary 
information" to all these folk?  Seems an odd thing to do 
with what you're claiming is ostensibly legally privileged 
and limited information, even if you _did_ have express 
consent to do it...


Was it completely needed? We've all seen the standard legal stuff at the
bottom of e-mails form corporate addresses a thousand times before and we
all know that most of the e-mails that you see them on its not pertinent to
anyway so why pick now to deride someone about something that is probably
dictated by company policy?

Not big, not clever.

regards,

Andrew



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]