Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

isn logo Information Security News mailing list archives

Re: BIND Flaws Reignite Security Debate
From: InfoSec News <isn () c4i org>
Date: Wed, 20 Nov 2002 01:57:45 -0600 (CST)
Forwarded from: Felix von Leitner <felix-isn () fefe de>

Thus spake InfoSec News (isn () c4i org):

The ISC told him that they wanted to make sure that the right audience
had the patches first.


Am I the only one who thinks this reeks of extortion?

This is by the way not the only questionable behaviour from the BIND
company; see http://cr.yp.to/djbdns/axfr-clarify.html for a further
example.


In an e-mail interview, Brennen said he chose not to pay the fee to
join the early announcement list and is now preparing to remove BIND
from his environment.


Well, to be fair even the BIND company says BIND 8 sucks and you
should not used it.

On the other hand, it is used on the root server the ISC houses.  
Mhh.

I think we as security experts should educate the public that this
kind of extortion and blackmail is not a sign of trustworthy software
and should not be tolerated.  After all, not being hold hostage by one
vendor is exactly the key strength of the open source movement.
Finally, You have the choice!  Use it wisely!

Felix



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]