After some email discussion with one of the journalists who covered this, it appears that the problem, and probably Mr. Lynn's impetus to resign and 'go public' with this info, is a lack of apparent progress by Cisco in addressing the underlying architectural and design flaws, and simply patching the problem. Please don't quote me OR Mr. Lynn on this, it's just a theory.

So yes, spin would be a good guess for Cisco's reasoning. Will they actually fix this? Who knows...companies sell software with buffer overflow vulnerabilities all the time.

Catch... "Don't buy software that sucks" about sums it up, doncha think? But does it suck, or is it merely broken, and is being fixed now that we all know it's broken?

Update!
Boing-Boing post has been updated by Cory D

"It is important to note and propagate that Lynn did go through the correct channels for release: he contacted the vendor, the vendor issued a fix. At this point, normally, public release would be allowed and expected."
I never realized "Full disclosure" was such a filthy expression. :sourface: