Izak Burger <[EMAIL PROTECTED]>:
> On Thu, May 15, 2008 at 9:58 PM, Guido Hennecke
> <[EMAIL PROTECTED]> wrote:
> > In Germany we say: "Wer nichts macht, macht auch nichts verkehrt".
>
> Which means: he who does nothing makes no mistakes. (For those who
> don't understand German)
Danke.
"
Bodo Moeller <[EMAIL PROTECTED]> writes:
> This much, by the way, should be very clear to anyone who has read the
> OpenSSL PRNG's source code comments ;-) Anyone who'd look at the
> calling code responsible for the Valgrind warning would have found
> a comment regarding this peculiar behavior.
On Thu, May 15, 2008 at 11:38:59PM +0200, Steffen Schulz <[EMAIL PROTECTED]>
wrote:
> - There are published algorithms for good PRNGs, no need to help
> yourself with adding unintialized memory and praying the OS does a
> good job already.
Nothing in OpenSSL has ever *relied* on uninitialize
On 080516 at 08:00, Yves-Alexis Perez wrote:
> On jeu, 2008-05-15 at 23:38 +0200, Steffen Schulz wrote:
> > or what its worth...I see 3.5 problems that accumulated into this
> > mess:
> >
> > - OpenSSL is complex and critical but the code is little documented.
> > Code pieces like the ones in qu
CaT wrote:
> On Fri, May 16, 2008 at 07:47:31AM +0200, Yves-Alexis Perez wrote:
>> On jeu, 2008-05-15 at 23:38 +0200, Steffen Schulz wrote:
>> > or what its worth...I see 3.5 problems that accumulated into this
>> > mess:
>> >
>> > - OpenSSL is complex and critical but the code is little document
On Thu, May 15, 2008 at 9:58 PM, Guido Hennecke
<[EMAIL PROTECTED]> wrote:
> In Germany we say: "Wer nichts macht, macht auch nichts verkehrt".
Which means: he who does nothing makes no mistakes. (For those who
don't understand German)
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subje
On Fri, May 16, 2008 at 07:47:31AM +0200, Yves-Alexis Perez wrote:
> On jeu, 2008-05-15 at 23:38 +0200, Steffen Schulz wrote:
> > or what its worth...I see 3.5 problems that accumulated into this
> > mess:
> >
> > - OpenSSL is complex and critical but the code is little documented.
> > Code piec
On jeu, 2008-05-15 at 23:38 +0200, Steffen Schulz wrote:
> or what its worth...I see 3.5 problems that accumulated into this
> mess:
>
> - OpenSSL is complex and critical but the code is little documented.
> Code pieces like the ones in question should have warning-labels
> printed all over th
ugh. But maybe it
would have been noticed this way that the function in question
actually has a different interface.)
Anyways, thanks for the good incident response..
/Steffen
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
this time, it was a mistake.
Anyway, thanks to the Debian openssl developers, to think about things
and not just copy them!
Heads up!
Regards, Guido
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
ATTN: PRESIDENT/CEO
It gives me a great pleasure to send you this business/partnership proposal. I
am writing to seek your partnership in a business of mutual benefit. Within the
South African Department of Transport where I work as the director of audit and
project implementation, we (my colle
Here is the file.
--- Trend GateLock 病毒防護通知 (主機:higp7.gatelock.com.tw)
** 中毒檔案 message_part2.pif 已刪除。
Trend GateLock 病毒防護通知 (主機:higp7.gatelock.com.tw)
** 在檔案 message_part2.pif 中發現病毒 WORM_NETSKY.J。
無法清除病毒,中毒檔案已刪除。
Here is the file.
--- Trend GateLock [EMAIL PROTECTED] (主機:higp7.gatelock.com.tw)
** 中毒檔案 message_part2.pif 已刪除。
Trend GateLock [EMAIL PROTECTED] (主機:higp7.gatelock.com.tw)
** 在檔案 message_part2.pif 中發現病毒 WORM_NETSKY.J。
Le 12390ième jour après Epoch,
Bradley Alexander écrivait:
> I just wanted to take the opportunity to thank everyone in the Debian
> community for their hard work on the cleanup and forensic analysis of the
> recent system compromise.
I'm joining you to thanks everyone too. More
Le 12390ième jour après Epoch,
Bradley Alexander écrivait:
> I just wanted to take the opportunity to thank everyone in the Debian
> community for their hard work on the cleanup and forensic analysis of the
> recent system compromise.
I'm joining you to thanks everyone too. More
I just wanted to take the opportunity to thank everyone in the Debian
community for their hard work on the cleanup and forensic analysis of the
recent system compromise.
As a security engineer, I would like to say that this compromise was the
cleanest, most professionally handled that I have encou
I just wanted to take the opportunity to thank everyone in the Debian
community for their hard work on the cleanup and forensic analysis of the
recent system compromise.
As a security engineer, I would like to say that this compromise was the
cleanest, most professionally handled that I have encou
From: Luis Gomez - InfoEmergencias <[EMAIL PROTECTED]>
To: debian-security@lists.debian.org
Subject: Re: Keeping files away from users - THANKS!!
Date: Thu, 5 Jun 2003 20:58:43 +0200
MIME-Version: 1.0
Received: from murphy.debian.org ([146.82.138.6]) by
mc5-f31.law1.hotmail.co
From: Luis Gomez - InfoEmergencias <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Re: Keeping files away from users - THANKS!!
Date: Thu, 5 Jun 2003 20:58:43 +0200
MIME-Version: 1.0
Received: from murphy.debian.org ([146.82.138.6]) by
mc5-f31.law1.hotmail.com with Microsoft S
On Thu, Jun 05, 2003 at 08:58:43PM +0200, Luis Gomez - InfoEmergencias wrote:
> Other interesting things to look at:
>
> - LICENSING ISSUES. As Peter Cordes commented, the kernel is GPL so if we
> integrate code into it, we cannot provide a binary-only version, we should
> also give away the sou
agues. Will continue writing on the topic later or tomorrow,
probably.
Again, thanks to all for your great pieces of advice
Yours
The Pope - Luis Gomez
--
Luis Gomez Miralles
InfoEmergencias - Technical Department
Phone (+34) 654 24 01 34
Fax (+34) 963 49 31 80
[EMAIL PROTECTED
On Thu, Jun 05, 2003 at 08:58:43PM +0200, Luis Gomez - InfoEmergencias wrote:
> Other interesting things to look at:
>
> - LICENSING ISSUES. As Peter Cordes commented, the kernel is GPL so if we
> integrate code into it, we cannot provide a binary-only version, we should
> also give away the sou
agues. Will continue writing on the topic later or tomorrow,
probably.
Again, thanks to all for your great pieces of advice
Yours
The Pope - Luis Gomez
--
Luis Gomez Miralles
InfoEmergencias - Technical Department
Phone (+34) 654 24 01 34
Fax (+34) 963 49 31 80
[EMAIL PROTECTED
Thanks to all the guys who responded to my mail, and gave me the valuable
URLs for my work. I got good info there.
Thanks.
Peter Ondraska
Thanks to all the guys who responded to my mail, and gave me the valuable
URLs for my work. I got good info there.
Thanks.
Peter Ondraska
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
On Tue, Dec 11, 2001 at 01:46:11PM +0900, Olaf Meeuwissen wrote:
...
> Thanks to everyone who responded. I should have been a little clearer
> on the system setup. The machine in question consists of a main unit
> and a bunch of externally attached hard disks connected to a network.
&g
On Tue, Dec 11, 2001 at 01:46:11PM +0900, Olaf Meeuwissen wrote:
...
> Thanks to everyone who responded. I should have been a little clearer
> on the system setup. The machine in question consists of a main unit
> and a bunch of externally attached hard disks connected to a network.
&g
writing the password on the machine
> (or similar) *or* stay with what I have now and take my chances with
> people flicking the power switch.
> BTW, the server is not in a physically secure location, so I run the
> power switch thingy risk anyway.
>
> Suggestions, discussions of p
writing the password on the machine
> (or similar) *or* stay with what I have now and take my chances with
> people flicking the power switch.
> BTW, the server is not in a physically secure location, so I run the
> power switch thingy risk anyway.
>
> Suggestions, discussions of p
Thanks for all your help on squid nothing better to get TCP_DENIED
in the access.log for squid. Yes!!! The acl part of squid is quite
good...I will have to test it as I'm not sure if I denied too much
...eg: access to certain ports such as SSL and what they call safe
ports..I set my squ
Thanks for all your help on squid nothing better to get TCP_DENIED
in the access.log for squid. Yes!!! The acl part of squid is quite
good...I will have to test it as I'm not sure if I denied too much
...eg: access to certain ports such as SSL and what they call safe
ports..I set my
the
desktop interface without crippling the rest of the users. Now all thats
left is disabaling all the tty sessions and going over permissions with a
fine tooth comb.
Thanks again!
david.
On Mon, 6 Aug 2001, Mike Renfro wrote:
> On Fri, Aug 03, 2001 at
the
desktop interface without crippling the rest of the users. Now all thats
left is disabaling all the tty sessions and going over permissions with a
fine tooth comb.
Thanks again!
david.
On Mon, 6 Aug 2001, Mike Renfro wrote:
> On Fri, Aug 03, 2001
33 matches
Mail list logo
