[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[FYI] MS 'Security Framework' is another .NET vulnerability
- To: debate@lists.fitug.de
- Subject: [FYI] MS 'Security Framework' is another .NET vulnerability
- From: "Axel H Horns" <horns@ipjur.com>
- Date: Wed, 14 Nov 2001 09:46:29 +0100
- CC: krypto@thur.de
- Delivered-To: mailing list debate@lists.fitug.de
- List-Help: <mailto:debate-help@lists.fitug.de>
- List-Id: <debate.lists.fitug.de>
- List-Post: <mailto:debate@lists.fitug.de>
- List-Subscribe: <mailto:debate-subscribe@lists.fitug.de>
- List-Unsubscribe: <mailto:debate-unsubscribe@lists.fitug.de>
- Mailing-List: contact debate-help@lists.fitug.de; run by ezmlm
- Organization: NONE
- Priority: normal
http://www.theregister.co.uk/content/55/22816.html
---------------------------- CUT -------------------------------
MS 'Security Framework' is another .NET vulnerability
By Richard Forno
Posted: 14/11/2001 at 03:31 GMT
In late October 2001, Microsoft's Security Manager Scott Culp
published a missive calling for 'responsible disclosure' of security
vulnerability information on the Internet, claiming it was because of
the public availability of such information that major Internet
security problems or cyber-terrorist events could occur. His
commentary was well-received by large commercial companies and
security vendors, and panned by nearly everyone else.
During his discourse, Culp joined today's sensational security
bandwagon by coining the term "information anarchy" to indicate what
would happen without 'responsible security discussions' in controlled
environments away from where cyber-criminals may learn some new trick
to cause electronic mischief or mayhem. First we have the White House
(the most powerful government in the world) seeking to prevent an
"Electronic Pearl Harbor" by any number of government initiatives.
Now we have Microsoft (the most powerful monopoly in the electronic
world) seeking to prevent "Information Anarchy" through any number of
corporate initiatives. Perhaps "Information Anarchy" is a term
intended to imply that information really doesn't want to be free, or
can't be free and safe (thus attacking the legitimacy of the open
source software movement) and must be therefore restricted through
invasive software, policies, or law? Or is Culp simply trying to get
a term into the New Hacker's Dictionary?
[...]
---------------------------- CUT -------------------------------
--
To unsubscribe, e-mail: debate-unsubscribe@lists.fitug.de
For additional commands, e-mail: debate-help@lists.fitug.de