>> Is it me or ms never credit vulnerabilities according to
>> http://www.microsoft.com/security/passport_issue.asp "a report was
>> published detailing a security vulnerability(...)"? No more details or
>> credit.
>
> And they should because...? If you ask me, doing this for "fame and
> fortune" is really against what i would call traditional hacker ethic.
That was just a simple question. AFAIK they DO for some vunerabilities: do
you remember IIS issue (MS99-047) discovered by eeye years ago? Well the
Acknowledgments display credit. Same for most of the latest security bultins
as displayed http://www.microsoft.com/technet/security/: MS03-015 etc...
The question is not fame or whatever you call it, just a question about
selective Acknowledgments from ms.
My 2 cents,
Deepquest
"Ubi solitudinem faciunt, pacem appelant"
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Received on May 09 2003
Intro
