× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



Rob, just so you know, Patrick and I have had a civil side discussion on
this issue. We're professionals, and able to deal with our differences
without phrases like "consider the source".

I STILL stand by my initial premise: there is no buffer overrun
vulnerability on a native i5/OS service. This does not include PASE. And
if your only argument is that an integrity PTF "might" be a hack, then you
really have no argument at all.

I guarantee they haven't performed a buffer overrun exploit on any native
i5/OS service, and it's fuzzy statements like "take advantage of these
leaks" that make me crazy. Someone will read this list and get the idea
that you actually had such an exploit, even though we both know that no such
thing ever happened, and it will end up getting quoted out of context and
blogged from here to next Tuesday.

I repeat:

NOBODY HAS EVER REPORTED A BUFFER OVERRUN ON A NATIVE i5/OS SERVICE.

The appropriate phrase here is put up or ...

Okay, I'm done now. Can't believe I let you wind me up again, Rob, but your
particular brand of snide baiting is just annoying as hell.

Joe





From: rob@xxxxxxxxx

Joe can be quite blind on these issues. For years he's argued that
"Integrity" PTFs can mean anything to a problem with how it updates a
journal receiver or something, but could never mean a potential breach of
security (other than that caused by inadequate setup - which of course is
not a ptf issue).

Those of us who actually have had professional benevolent hackers take
advantage of these leaks know otherwise.

I think we just have to consider the source there, and let him rant.

Please don't let him sour you on this list (or IBM). Your advice has
always been invaluable.


As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.