-----BEGIN PGP SIGNED MESSAGE----- In article <9510141153.AA16412@all.net>, Dr. Frederick B. Cohen <fc@all.net> wrote:

The idea that Netscape (like Microsoft) thinks they can get free testing services from all over the net by real experts just by offerring a tee shirt is down right offensive.

But (amusingly enough) they can get free testing services from this aspiring student for free just by providing source code. Hey, it's fun! :-) I'm no expert, but you get what you pay for. <grin> [Psst: anyone wanna offer source code to the security modules?] I do think their ``bug bounty'' system is an improvement -- at least they're showing some concern for security, and beginning to admit that outside review of security-critical code is...well...critical. Still, I do agree that they really oughta be employing true experts to carefully evaluate their system, if they wanna claim anything about its security. - --- [This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBMIGMAyoZzwIn1bdtAQG98wF9Hr8lU8nXqP50MNwO2SNhsMUg5XhzfcWg 22Tsp8OkYV3F22gUcI6Un1w7peK7ciT5 =hs1A -----END PGP SIGNATURE-----