North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: IBM report reviews Internet crime
* Owen DeLong: > If the vulnerability cannot be corrected through a vendor patch, then, > one has to wonder what, exactly the vulnerability is. You assume that a vendor patches a vulnerability once they learn about it. In my experience, this is not true. Sometimes it's easy to explain (product or vendor ceased to exist), sometimes it's not (some cross-site scripting issues I'm trying to straighten out; minor bugs to you perhaps, but huge media exposure because of their visibility and reproducibility--think FDIV bug).