WRONG!!! Netscape claims to be "secure" - hence it is Netscape's job to be secure - regardless of the user's use of their product. Otherwise, the ads should read:
"Netscape can be used securely by sufficiently knowledgeable users who have emasculated their postscript interpreters before using them to view files of unknown origin, and who have removed all other known, unknown, and/or undisclosed security holes from their systems. Otherwise, Netscape is insecure and should not be trusted."
Why did I know you would be showing up in this discussion? You wouldn't be related to alice de 'nonymous would you?
Is it Netscape's position that when people call them on their statements they make irrelevant comments and inflamatory remarks toward legitimate researchers who are freely helping them understand the security issues they apparently don't understand?
I don't believe that Netscape claims to be some magic bullet that will suddenly make your system secure when you install it. We also don't claim that it will detect viruses.
You claim that you provide secure net access for the purposes of transactions - which you don't - and you have gotten an enormous amount of money from people who don't understand these issues based, at least in part, on your false claims. Some people might interpret that as fraud. Now instead of trying to insult and put down people who have legitimate security concerns, you personally attack individuals, try to redirect the discussion away from the security flaws in Netscape, and try to hush the discussion with:
Dont you think we've wasted enough bandwidth on this? I'm sure most readers of this list are sick of it by now.
I think that you should give a copy of this and the other messages on this topic to someone at Netscape who is responsible for protection and ask them to speak for the company and address these issues head on. Regardless of your disclaimer, when you speak on the net, we hear Netscape, and the sounds are starting to sound more and more like Microsoft to me. -- -> See: Info-Sec Heaven at URL http://all.net Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236