• Subject: Re: Rewarding Challenge AS/400
  • From: leif@xxxxxxx
  • Date: Tue, 28 Sep 1999 18:31:25 -0500

see below.
  Someone has raised the point about the publication & response by IBM to security exposures. I have often wondered why the notification services like CERT, never report AS/400 problems. They certainly do report http, java, WebSphere , SQL and other problems, all of which OS/400 works with. But the reports are always about WinXX, Linux, Unix, NT, Sun, and a few others. (Actually I do know why - most of the universe doesn't know or understand what an AS/400 is). BTW, CERT is a good place to get free info on security exposures, and a free e-mail alert service. Our government at work. CERTŪ Coordination Center
----------------------------------
 
When we first told IBM about our findings, there response was some like
this (I can't remember the exact words - because it was always verbal):
 
If you go public with this we will cut you off (we are a business partner of IBM).
We will bury you. We will make sure you go out of business. Don't rock
the boat.
 
----------------------------------------
 
how is that for irresponsibility ???
 

As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.