Re: Reasons why BIND isn't being upgraded

• From: Bill Woodcock
• Date: Fri Feb 02 12:07:11 2001

      On Fri, 2 Feb 2001, Patrick Greenwell wrote:
    > By the same token one might argue that atempting to hide vunerabilities 
    > to those paying you for "early warnings" doesn't help at all.

Not at all...  If you're trying to hide a vulnerability by lying about
your version number, that presupposes generally-held knowledge of an
association between a vulnerability and a version number.

"Early warning" is specifically a means of delaying the general
availability of knowledge of that association.  

These are temporally sequential states.  Not comparable strategies within
the same context.

                                -Bill

• Follow-Ups:
  • Re: Reasons why BIND isn't being upgraded Patrick Greenwell

• References:
  • Re: Reasons why BIND isn't being upgraded Patrick Greenwell

• Prev by Date: Re: Reasons why BIND isn't being upgraded
• Next by Date: Re: More MSFT woes.
• Date Index
• Thread Index
• Author Index
• Historical