Merit Network
 Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives
North American Network Operators Group
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: IBM report reviews Internet crime

  • From: Florian Weimer
  • Date: Tue Feb 12 14:52:47 2008 
* Owen DeLong:

> If the vulnerability cannot be corrected through a vendor patch, then,
> one has to wonder what, exactly the vulnerability is.

You assume that a vendor patches a vulnerability once they learn about
it.  In my experience, this is not true.  Sometimes it's easy to explain
(product or vendor ceased to exist), sometimes it's not (some cross-site
scripting issues I'm trying to straighten out; minor bugs to you
perhaps, but huge media exposure because of their visibility and
reproducibility--think FDIV bug).


Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.