9 Nov 88 22:07:20 GMT
In article <In article <firstname.lastname@example.org>, dre%ember@Sun.COM (David Emberson) writes:
> > DISCLAIMER: If Mr. Emberson has spent the last four years trying
> > to get everyone he knows to turn off "debug" on their send-
> > mails... my apologies to him.
> I have much better things to do with my time, which was one of my points.
Great. But time enough to waste discussing Mr. Morris :-)
It is hard to accept that our Unix system vendors promote this half-baked
attitude. But given the number of people who have stepped forth to pro-
claim that they, too, knew about this hole and were kind enough not to
muck around with our systems really makes me wonder who takes responsibi-
lity for what.
I run an end-user shop. I adopted Unix for several reasons, a big one
being the flexibility it gives me in selecting hardware and bargaining
with vendors. In turn, I expect that I and my people have to invest
a lot of time in understanding what we are working with, arcane manuals
and all. Fair enough. But to learn that our current and (maybe) future
vendors distribute software with known and easily-fixed security bugs is
disheartening in the least.
There is, to me, a touch of insanity in this security issue. I have seen
innumerable messages during the past three years, which state that yes,
there are problems, but no, we will not discuss them because that will
simply invite potential destruction and havoc. So instead, we learn
about them after they are mass-broadcast through the press.
Is this the only way ? Or does everyone like me have to spend whatever
Unix saves us on developing/paying for the necessary expertise to protect
greg pavlov, fstrf, amherst, ny
This archive was generated by hypermail 2.0b3 on Thu Mar 09 2000 - 14:44:29 GMT