[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Netscape Update
Robert Hettinga wrote:
> All this reminds me of something Tim May, Eric Hughes, and others have said
> before. Once you've gotten to the point where loss of security equals, in a
> very literal sense, loss of money, the incentive to publicize any given
> security hole starts to go away.
The Netscape PR department is no doubt preparing to spin the "bug fix"
into a "major update."
The fact of the matter is, the software does exactly what it was
designed to do. The fact that those who are "out of the loop" found out
how to use that designed feature does not make it a "bug."
When the list got spammed with email from 10,000 Laker fans named
"Bubba," I blasted plaidworks.com for their rudeness in trying to place
all the blame on "hackers" when the fact was that they left their system
wide open to abuse for the sake of convenience and profit.
Similarly, the government and corporations want systems designed to
allow them access to all available information passing through the
internet system and then cry "abuse" or "security bug" when individuals
discover how to use the design to their advantage.
Calling the Netscape feature a "bug" merely serves to draw attention
away from the fact that the software was intentionally designed in order
to facilitate snooping (ala Clipper chip?) and that indicates that there
have been people who have known how to take advantage of the feature
since its implementation.
Do the people who instituted the design and development of this
snooping feature all have "Good Guy" stamped on their forhead? Sure
they do...
TruthMonger