Eric Cordian wrote:
In comp.sys.intel, the keeper of the Intel Secrets Website, rcollins@slip.net (Robert Collins) writes this absolutely amazing paragraph:
If nobody knew about this problem, nobody would be affected by it. No, I had no desire to publicize the bug.
Egads. Talk about "Security by Obscurity"!
Robert Hettinga wrote:
Subject: Major security flaw in Cybercash 2.1.2 (fwd)
CyberCash v. 2.1.2 has a major security flaw that causes all credit card information processed by the server to be logged in a file with world-readable permissions. This security flaw exists in the default CyberCash installation and configuration.
We at the Electronic Fraud Foundation also have no desire for these bugs to be publicized. We're making a goddamn fortune off of them. (Damn near as much as we're making off of our remailer-donation scam.) Ura Fishpal, Flounder, Electronic Fraud Foundation [Note: You are required by Federal Law to pay me one dollar for reading this post. Send $1 to EFF, Box 281, Bienfait, Sask. Canada S0C 0M0] [Note From Your System Administrator: Failure to comply with the above will result in loss of your access privileges and a hernia.]