Robert Hettinga wrote:
Adam, above, is speculating about the mechanics of a Netscape security hole, which, two years ago, would have gotten someone like Ian Goldberg a grand and a t-shirt, but probably only after they had published it on the net, just like Mssrs Goldberg and Wagner had to do, in order to get Netscape's attention. That included directions for how to replicate the problem. Back then, we wouldn't have been speculating about the mechanics of the hole, because people would be playing with it to see how it worked. As it is, latest hole was published in terms of its results only, and not its mechanics. Instead, those precious details were relased only to Netscape, and only for, NPR says, "an undisclosed sum".
Just to be clear, we didn't give the blackmailer any money. As Mike Homer put it: "We don't bargain with terrorists." -- What is appropriate for the master is not appropriate| Tom Weinstein for the novice. You must understand Tao before | tomw@netscape.com transcending structure. -- The Tao of Programming |