how-to block ads
|
2kmaro
Think
Premium,ExMod 1 BC
join:2000-07-11
ColossalCave
clubs:  
| reply to coxta
Re: The Word From Diamond Computer Systems
Quick comment - I believe it was either B or Wildcat boy that mentioned recently that there are password breakers that can come up with a password for most situations in under an hour. For maximum protection, besides the suggestions that coxta makes, also use the maximum number of characters permitted for the length of the password. Each additional character increases the difficulty of of guessing tremendously. Ok - on to next long post: What to expect in the next 24 hours! | |
id3dwiz
join:2000-10-07
Rego Park, NY | I'm using windows 2000 pro, with FAT 32.
I've heard that NTFS is much better security wise.
What do you recommend? | |
2kmaro
Think
Premium,ExMod 1 BC
join:2000-07-11
ColossalCave
clubs:
| reply to 2kmaro
Zone Labs President Responds!
In the following E-Mail, it may help to know that Gregor Freund is the President and Founder of Zone Labs and Conrad Herrmann is the Chief Technology Officer for Zone Labs. Information about them may be found at http://www.zonelabs.com/management.htm
--------------
E-Mail from DiamondCS
Due to recent responses from Zone Labs and then Steve, both vulnerabilities will be fully disclosed to the public in approximately 24 hours from the time of this email - we're just waiting upon confirmation from Zone Labs Gregory Freund & Frederick Felman that their latest email to us from Conrad Hermann is their official stance. All will be revealed tomorrow, but at this stage it appears Zone Labs won't be fixing either of the vulnerabilities - Steve isn't impressed, neither are we.
Best regards,
DiamondCS
end
------------
Ok, with that in front of us, here is the email that I received from Gregor Freund:
-------------
E-Mail from Gregor Freund, President of Zone Labs
Thanks you for this and your other message. I appreciate the opportunity to address your concerns and apologize for the delay getting back to you - I just came back from a vacation.
Up front: No security is absolute and one hundred percent. This is true for both cyber security as well as the "real world". You can put seat belts in a car, throw in air bags and crush zones and you will still have accidents that you just can't survive. The same principle is true for house or car alarms. Security measures are always a balance between protection, convenience, cost etc. For example I fly small airplanes who have 6-point seat belts which are much better then anything you would find in a car. The reason you don't find them there is that they are inconvenient to put on and restrict your movement so most drivers just wouldn't use them and end up being less secure instead of more. Every security vendor is selling tools to reduce your vulnerability, not to completely eliminate it.
Having said this we set our standard for appropriate security very high. None of the "generic" attacks to break through ZoneAlarm have ever succeeded and believe me, people have tried. In order to compromise a protected system you would have to either break through the integrated firewall or the MailSafe feature in order to run a malicious application on a victim's PC. For the sake of argument let's assume that is possible. If that malicious application then tries to communicate over the Internet (for example to steal your confidential data) we can and will stop it.
That leaves the possibility to attack the ZoneAlarm program itself. We have seen some lab attempts to do this but nothing in the "wild". Of course any of our competitors are subject to the same potential vulnerability. With version 2.1.44 we have changed the software so that even most of those attacks will fail. You still can unload the ZoneAlarm program (there is nothing under Windows that can stop this) but the underlying service will continue to enforce your security settings.
We are currently testing a new version that further improves the security margin. That version will be available towards the end of January. The goal is that ZoneAlarm can not be sabotaged provided that you
- Run on a semi-secure version of Windows (NT, 2000 or Whistler)
- Don't run in administrative mode
- Use the password feature
Under Windows 95/98/ME those margins will be a bit narrower. Please understand that we need the appropriate time to test the new code. Rushing out some pseudo-fix without sufficient quality assurance will have the opposite effect - users would run into all kinds of troubles and might eventually uninstall ZoneAlarm - not exactly an improvement of their online security.
You should also note that any of the potential attacks in this context would succeed with conventional firewalls such as CheckPoint or SonicWall. These products don't have any application-level protection at all and for example they all have to allow outgoing traffic on port 80.
We are extremely proud that we help eight million users to significantly improve their online security and have protected hundreds of thousands of them from serious harm. We take the resulting obligation very seriously and will do everything in our power to continuously improve our products in order to justify the trust of our users.
Best Regards,
Gregor Freund
President, Zone Labs, Inc.
end
-----------
With all of that I'm not quite sure of what to say to Zone Labs. We all know that no product is 100% anything. We also should know by now that in the Windows family, the home user software is the least secure.
The potential of a new virus with smarter technology has also been discussed here in the Security forum of DSLR. These risks would appear to apply equally to all software firewalls. Our best defense against this 'attack from within' will be to make sure that our Anti-Virus and anti-trojan efforts are always kept at a high, up-to-date level.
The most disappointing thing to me at this point is that while other software firewall vendors (Symantec most notable) responded to the LeakTest challenge almost immediately (with no fixes released yet that I know of), Zone Labs appears to feel this problem does not warrant their immediate attention.
I'm sorry, but in 20 years of building software to use in things like automated air traffic control systems, weather radar systems and general 'run of the mill' business applications my philosophy has always been that if you have a problem in the basic function of a product you fix it! The basic function of a software firewall is to stop unauthorized passage through that firewall. Am I missing something here?
In defense of Zone Labs, I could say (and should say) that as long as no malicious program gets on your system then there isn't a problem. That pretty much puts them all back in the same arena, perhaps still giving basic ZoneAlarm the edge by virtue of price and ease of use.
Will the revisions to Norton Personal Firewall, Sygate Personal Firewall and others like them be more secure than Zone Alarm - I cannot say. At least they will have made an improvement to themselves. Me - well, I'm headed down to BestBuy very shortly to start learning how to set up a router right!
In parting, I'll post my reply email to DiamondCS for you all to read:
----------
My Response to DiamondCS
Thank you for this update. That is very disappointing. Steve isn't impressed, you aren't impressed and I most certainly am not either. This seems to be a case of 'we have all these millions of users', we've got them hooked, now we get to leave them with an incomplete product. Perhaps Gregor and group have been taking program design lessons from the Microsoft School of Program (non)Design!
From what I have deduced from your comments and discussions with others, it would appear that a strong defense against this weakness will be a high-quality anti-virus application and awareness of good anti-virus procedures. This still leaves the risk of a new virus in place. I will be adding a router to my home system to increase the security level to some degree, and now will also take a look at some of those free tools you mentioned are available from DiamondCS, along with your other products to see which may have value in this area.
And, of course, I will give consideration to going with one of Zone Labs competitors once they have plugged the holes found with Steve's LeakTest. A sad state of affairs for such an otherwise outstanding product to have come to.
I would appreciate notification of where to read the announcement and obtain a copy of the test executable when these are available.
Thank You for all of your kind assistance these last three days.
end
---------
And to end it all - my reply to Mr. Freund
My reply to G.Freund
Thank you for your response. At this point I'm not really sure of what to say about it all. I do know that many people are taking this even more seriously than the results of Steve Gibson's LeakTest. The perception of most is that you have a discovered vulnerability and are not doing anything about it. Somehow you are going to have to overcome that perception.
You mention the 8 million users that have downloaded ZoneAlarm. Well, I feel like I've recommended it to about half of those numbers, and to each that I've recommended it to I feel some responsibility for any weakness it might have. MOST of those 8 million users are not using a secure OS such as NT, 2000 or Whistler. That is reality. Most of them are on various flavors of Windows as 98, 98SE, and ME. There are a great number of these users who are living on fixed incomes or are students and the added burden of coming up with another $100 or $150 to put a router on a single system is an almost unreasonable expectation for those. Those that are educated about security enough to realize the need for it in these categories are depending heavily on their software firewall to provide security.
It would appear that the only patch for this problem at this time for non-secure versions of Windows would be strong anti-virus software, kept up to date and good anti-virus operating habits? Am I correct in this assumption?
Also, you mentioned that even in shutting down ZoneAlarm that the service would continue to run -- is that a true statement if the user is operating with Windows 98/98SE/ME? I would presume not given the way that those operating systems provide the equivalent of Administrator priviledge to all users.
The part that makes all of this difficult for me to accept as presented is that I have been a programmer for most of the past 20 years. I have developed software still in use for automated air traffic control systems, weather radar systems, along with numerous business applications. It has always been my philosophy that if there was a fault in a basic function of a program, that fault should be fixed, period. It doesn't appear at this point that Zone Labs operates under that philosophy. I interpret the basic function of a software firewall to be to prevent unauthorized passage of traffic thru the firewall. Here we have a known potential for a breach, DiamondCS has indicated that they have provided solutions to Zone Labs and yet you state that in the 10 weeks since notification that Zone Labs has maintained a position of 'no, we aren't changing right now'. That is a tough piece of meat for me to chew right now.
Maybe I'm looking at all of this too hard and maybe from the wrong angle, but this is the way I see it at this point in time. I realize the risk may be very small, but it is a known risk that others have said there is a remedy for. Doesn't prudence dictate applying the remedy?
You may want to take a look at the comments provided on this subject over the past 2 or 3 days at DSLReports Security forum. The site address is http://www.dslreports.com and the discussion thread is at http://www.dslreports.com/forum/remark,288028;root=security,1;mode=flat;start=0
As you may recall, my nickname at the site is 2kmaro.
Thank you for taking the time to once again respond to me personally. Please give continued, strong consideration of addressing this issue with a software change at the earliest possible moment.
end
-------
Kirk Out.
--
The only virus on my computer is Windows. | |
Wildcatboy
Premium,Mod
join:2000-10-30
Toronto, ON
Host:
Security Product V..
Security
|  reply to 2kmaro
Re: The Word From Diamond Computer Systems
I heard my name  2kmaro is quite correct. I did say that before. Statistically 18% of all passwords can be cracked in less than 10 minutes. Alpha numeric passwords such as the one Wheelert mentioned 18VSO3ZFQ are generally good. This one can be broken on a 400 MHZ machine in about 5.5 hours. Most 14 digit alphanumeric passwords can be cracked in less than 48 hours in fact 80% of all passwords can be cracked in that time. For the most secure passwords choose 14 digit passwords with all possible characters such as H3+3d?(]B4`@~| This will take a maximum of 480 hours on a pentium 300. Change your password every 15 - 20 days.
By the way id3dwiz ( come to think of it your name can be used as a password too )you are correct NTFS is better. If you have the system that supports it and not using it, you are doing yourself a disservice. It's very easy to convert but hard to master the permissions. Make sure you understand how file and user permissions work.
And finally to go back on the subject, the vulnerability of ZA most probably wouldn't be solved by having a router because the nature of the problem has less to do with firewalls than it does with Trojans. Remember if you have a good AV program to keep the Trojan out you are totally safe from that vulnerability even if you don't have a firewall in place at all. No Trojan, no attempt of getting out of your computer. Cheers.
--
You can catch the Devil, but you can't hold him long. | |
GaryK7
Premium
join:2000-08-29
Miami, FL
clubs:
 ·Atlantic Broadband
| ZoneLabs seems to be saying that this is not really a problem with ZA. The problem is you've got a trojan in your system. So deal with the problem instead of blaming ZA for whatever damage this trojan does. Did I correctly understand that exchange of emails 2k shared with us?
If so then part of me can rationalize that argument.
But the other larger part of me seems to think that if this is something ZA can help its users/customers avoid then they should. If nothing else it's one more marketing claim they could make until their competitors catch up.
--
-tb/gary.
"The person who says it cannot be done should not interrupt the person doing it."
Chinese Proverb
Trail Blazer was formerly known as tblazer | |
Anon | reply to 2kmaro
Re: Zone Labs President Responds!
2kmaro, you've done an outstanding job of trying to get ZoneLabs to take complete responsibility for both their actions and their inactions. Although I don't use ZA, having chosen another route long ago, I appreciate your efforts on behalf of all of us who are security conscious. In almost 15 years of network implementation, management and architecture I have rarely encountered anyone as passionate about security as you have proven yourself to be. Keep up the good work!
Erik
--
Never attribute to malice that which can be explained as ignorance. | |
2kmaro
Think
Premium,ExMod 1 BC
join:2000-07-11
ColossalCave
clubs:
| reply to GaryK7
Re: The Word From Diamond Computer Systems
Trail Blazer - you are correct. But this is exactly the same kind of thing that we all raised hell about when Steve Gibson released the LeakTest results. That's a bogus deal also as long as no trojan is active on your system. This is same thing, just that the trojan would have to act a little bit different - or so I understand it at the moment.
erikrudd - either your security product is as secure as it can be or it isn't! Their's isn't, they know it, and have elected to warm their thumb in response to the issue!;) Me, I just hate for a piece of software not to work as advertised. I'll turn the tables here with the one software firewall I would recommend last: BlackIce Defender - it doesn't claim to provide protection from inside-out breaches such as this, but provides very strong inbound protection. Viewed that way, BID is a better product than ZA, NPF, SPF and the others! The fact that it offers no protection in this area is beside the point, the point is that it does do what it says it will do: keep others out of your machine!
Don't anyone forget that it was EmilioG who brought all of this out into the light with documentation to back it up! Me, well if I were built a little better, I'd just probably be a grinnin' and rasslin' gators in Louisianna swamps jes fur fun!!:)
[text was edited by author 2000-12-28 14:38:51] | |
CJ
join:2000-07-18
USA
| Well, I guess I stand corrected. I thought that Steve Gibson was the one that found the exploit. Now I know he is just a liaison between the two companies.
So I will publicly apologize for the words that I said about Steve Gibson.
One thing I have learned here is that I have grown very dependent on the information that I collect about security here at DSLReports. Even though the people who post here aren't firewall programmers. I feel that they(2kmaro) are just as knowledgeable if not more about security.
Thank you to Emilio for breaking the story, and both of you (Emilio & 2kmaro) for keeping us all up to date, and correcting us when we are wrong.;) | |
paul613
join:2000-04-19
College Park, MD
| reply to Wildcatboy
said by Wildcatboy:
Statistically 18% of all passwords can be cracked in less than 10 minutes. Alpha numeric passwords such as the one Wheelert mentioned 18VSO3ZFQ are generally good. This one can be broken on a 400 MHZ machine in about 5.5 hours. Most 14 digit alphanumeric passwords can be cracked in less than 48 hours in fact 80% of all passwords can be cracked in that time. For the most secure passwords choose 14 digit passwords with all possible characters such as H3+3d?(]B4`@~| This will take a maximum of 480 hours on a pentium 300. .
1st of all where did you get this information from, I would like to read the articles. My understanding that it would take several weeks with a high powered system solely dedicated to the task to break 128bit encrypted passwords.
2. I don't believe that in the boot process it would be possible for a trogran to propigate itself thru your email client without you noticing (why is outlook running on boot up)before YOUR desktop loads. For Non email trogans, WHAT data could it find & collect and send in those few seconds.
It would have to be running in that few second window otherwise your firewall(s) would catch it and Indentify that it is attempting to access the internet.
So that means we are talking about someone trying to "hack" in during a very limited window of opportunity, between the time the NIC driver loads, and completes the network connection and the time ZA loads.(refer to earlier post) and you would have to have a static IP, dedicated connection.
2kmaro You said "does it do what it says it will do: keep others out" I say it does it better than ANY OTHER PROGRAM(As even blackice would be open in that same window) the situation when it is OPEN is very limited(real but limited) and MOST people don't have that setup. Remember everyone here acknowledges NO PROGRAM will be 100%, so you must find the ones with the LEAST risk, this risk is SMALL, limited, and MOST OF ALL SHARED BY ALL OTHER SOFTWARE FIREWALL products.
Now Given that ANY FIREWALL would have this same problem, ZA doesn't contain any of the others pointed out by the Leaktest.
All we have learned from this is (maybe we should have know n this already) is that ZA is NOT perfect. Did we all believe we were 100% safe? Maybe we did. What has troubled many is that WE WANTED TO BELIEVE it was perfect and 100% secure.(rose colored glasses syndrome)
I am disapointed my firewall of choice has a weakness,SURE I am, BUT DAMN GLAD THE WEAKNESS DOESN'T apply to MY configuration.
To sum up, the one known weakness is shared by all software firewalls, and is very limited, and the other weakness found by leaktest do not apply to ZA. So that would still mean it is A GOOD PRODUCT TO HAVE. And still worthy to be recommended.
sorry to drag on but this thread seemed to be steering people away from the fact the issue with ZA was specific and many of the posts are generalizing issues which make it sound as if the problem is one that EVERYONE OF 8 MILLION users share, it is NOT.
--
Don't take life too seriously, you will never get out alive! | |
paul613
join:2000-04-19
College Park, MD
| reply to Wildcatboy
said by Wildcatboy:
I heard my name . Alpha numeric passwords such as the one Wheelert mentioned 18VSO3ZFQ are generally good. This one can be broken on a 400 MHZ machine in about 5.5 hours. Most 14 digit alphanumeric passwords can be cracked in less than 48 hours in fact 80% of all passwords can be cracked in that time.
SORRY I didn't want to include this above.
Let's take that for a second and say that all(for the sake of agruement) passwords can be cracked in 5.5 hours
Lets also say (for agruements sake as well) that the time between driver load connection made and ZA loading is 5 seconds. OK
5.5 hours is 330 minutes which is 19800 seconds.
this password hacker would have transmit a password to be tried within the 5 second window on each boot attempt.
That would mean the number of reboots to test all the "hacker" passwords against your system would be 19800 / 5 = 3960 Reboots(assuming one password per second) How many days would he have to dedicate that connection(leaving himself open to be traced) to Catch that MANY REBOOTS, for your connection. For me at most I reboot my system at home 2 times a day so it would take him
1980 days to complete the task. 5 1/2 years.
I really don't think he is going to be that interested in what I have on my system. And he is NOT going to get anyone's password on the 1st try. OR second or 3rd. So at some point they WILL give up.
I just think we should consider the practicality of it all.
This not a weakness that can or will be exploited by every would be hacker, many don't have the resources or skills to do it(some will have) But the risk to themselves would outweigh the POSSIBLE benefit from hacking some home user's ZA (or other firewall).
TO hide their trail they have to bounce themselves off unsuspecting and unknowing systems they have penetrated, which have to BE ON and running AT The exact time the REBOOT OR BOOT process occurs.
I hope that I am making my thoughts clear, PEOPLE With the skill to pull this off, are not likely to be interested in some UNIDENTIFIED ZA home user, they would 1st identify you as having something they want or need, then you have to have all the RIGHT conditions present on your system, Before they exhust the resources needed to do this.
I really am sorry that my posts have been so long, please all forgive my rantings.
--
Don't take life too seriously, you will never get out alive! | |
2kmaro
Think
Premium,ExMod 1 BC
join:2000-07-11
ColossalCave
clubs:
| For Your Password, I'll MAKE Time!
Paul,
I could very easily write a process on a Win98/ME system to do the following:
1) Wait until boot is complete.
2) Look for ZoneAlarm (or any other software firewall)
3) Shut down ZoneAlarm - and for my own personal protection, stick a duplicate icon on the sys-tray.
4) Open up a comm path and call my master - or just listen for my master. Lets presume I call and get a response. I now have all day to crack passwords - or until you shut down your and when you reboot, I pick up where we left off.
5) I can run Outlook or any MAPI enabled emailer invisibly as a background task on your system, sending little copies of myself to everyone you ever got an email from, or sent one to.
6) and once I've made myself happy with all of this, including sending everything even remotely resembling a file that might possibly contain a password somewhere else, erase your drive.
I'm not a hacker, just a programmer with some experience in the Windows and API world - I could put that all together in a day or so, maybe 3 (got to learn how to handle WinSock better than I know it now). All I have to do then is get a copy delivered on to your computer and I'm in like Flint! Except for the routines to handle comm and examine file contents, all the other routines now exist in my standard little library of tools to put new apps together with. | |
paul613
join:2000-04-19
College Park, MD
| yes but you got to get it to ME, and if you are assuming that I would get it by accident you would be mistaken, In order for that program to get here, You would have to hack in to the system and PUT IT THERE.
And if you shutdown Zone alarm I would know, I actually check my zone alarm frequently(as many do) so A dummy Icon will not cut it.
BUT what you saying HAS ABSOLUTELY NOTHING to do with the issue with ZA.
What you propose is a problem for any firewall, not just ZA which was the point I was making (nothing 100%) about getting the best available product. Your very wise and no doubt you know your stuff. But weren't we discussing the problem with ZA, I agree with you, that type of program would be a problem, but it doesn't relate to the topic at hand.
I would not dispute that a program written by you(or someone else) could do that, I believe they call it BACKORIFICE. And you would have to write your program to get specific information that you think I have ahead of time, you would have to know the name and location of that info. Which is why trogans are not that great of a way to gather anything but a login id and password for some dialup account.
LETS say for arguement you can hack a Microsoft PWL file, and you know where the pwl file is and what it's name is(that is the hard part) OR you ask for all *.pwl files
once you get the pwl (file used by ms to store windows passwords) you then have to hack it (128bit encyption, can not be hacked in 5hours)all most all password hack programs use brute force(list of files vs attempt to log in)
HOW are you going to test it??REPEATEDLY, Undetected?
You can't because as soon as you do it gets changed,
prime example xxx site passwords, there are a ton of sites that list they have the passwords they have Hacked, try one, you will find that it was discovered and changed.
It is way too much effort and risk for a home user's information that may not be anything if you get it.
You would spend your time hacking corporate networks which could provide you with the greatest possibility of information you could use.
But this is all off the topic at hand.
All my points were toward the weakness discovered, someone trying to get into a pc, during a small window, with certain conditions being right.
We call all get trogans, as you suggest, if we are careless.
--
Don't take life too seriously, you will never get out alive! | |
2kmaro
Think
Premium,ExMod 1 BC
join:2000-07-11
ColossalCave
clubs: | Paul - Everything you have just said has been discussed several times in several threads, including this one over the past few weeks. No one is going to argue with you over it. P.S. Overconfidence kills. | |
bf2
Vincere Vel Mori
Premium
join:2000-05-29
Tampa Bay
| Thanks for posting this info
Thanks 2kmaro, and everyone else here in the DSLR security forum for providing the information and exchanging of posts. All of this is getting much more interesting by the hour. This security forum here at dslr is one of my favorite security areas on the web.
--
Misc DSLR creations from bf2
»www.geocities.com/handcannon_99/dwp.htm | |
paul613
join:2000-04-19
College Park, MD
| reply to 2kmaro
Re: For Your Password, I'll MAKE Time!
said by 2kmaro:
Paul - Everything you have just said has been discussed several times in several threads, including this one over the past few weeks. No one is going to argue with you over it. P.S. Overconfidence kills.
Ok, what??? I wasn't trying to argue with you, just trying to explain my position, we can disagree. I don't go around thinking I am going to change everyone's mind to my point of view. The world would be too boring.
I think however your PS was vail'd shot though, and it not really needed. I don't have a problem with you, or the fact we disagree, its ok. But if you could please do me a favor and save that stuff for someone else, if we come to a point we have to say we agree to disagree fine, its cool, the rest isn't required.
--
Don't take life too seriously, you will never get out alive! | |
EmilioG
Whats This?
Premium
join:2000-09-19
New York, NY
| I think what 2K was trying to say about over confidence is that when you rely to heavily on just one thing, one point of view, or one firewall or security setup, that it could be dangerous to your systems safety. 2k himself was very confident that Zone alarm was almost the end all, be all as far as Firewalls. We're all learning that there are things going on behind the scenes that we aren't privy to and should know. Correct me if I'm wrong here.
Zone Labs' has taken it upon themselves to be the arbiters of what we should and shouln't know and what and what does not constitute a "fix" priority. I guess ZL will only go so far in fixing a problem, especially since it's free for all. (except businesses). I'd rather pay for a FW that tells me what it can and can not do.
--
Regards, Emilio
Its failings notwithstanding, there is much to be said in favor of journalism
in that by giving us the opinion of the uneducated, it keeps us in touch with
the ignorance of the community.
-- Oscar Wilde | |
paul613
join:2000-04-19
College Park, MD
| Ok thanks for clearing that up, but the fact that they didn't jump right out the day of the discovery doesn't bother me or speak ill of them. I mean it is large company it takes some time for these things to come to the attention of the right people and then they have to be verified, and hopefully they would have an answer when they address their consumers.
The fact that while NOT publicly(via website or other) addressing the issue yet, they were VERY HONEST AND FORTHCOMING to those who did inquire via Email. SO I don't think they were hiding or conspiring.
Still less then a week, and they are on it, that is not bad.
--
Don't take life too seriously, you will never get out alive!
--
Don't take life too seriously, you will never get out alive!
[text was edited by author 2000-12-28 22:53:34] | |
EmilioG
Whats This?
Premium
join:2000-09-19
New York, NY
| Still less then a week, and they are on it, that is not bad.
said by Paul613
actually, its been 10 weeks.
--
Regards, Emilio
Its failings notwithstanding, there is much to be said in favor of journalism
in that by giving us the opinion of the uneducated, it keeps us in touch with
the ignorance of the community.
-- Oscar Wilde | |
paul613
join:2000-04-19
College Park, MD | NOT since YOU posted the info and started emailing them, it's been a few days since this has pop'd up here. If you knew this 10 weeks ago why wait to post till this week?
--
Don't take life too seriously, you will never get out alive! | |
EmilioG
Whats This?
Premium
join:2000-09-19
New York, NY
| ZONE LABS has known for 10 weeks and I posted when I first started reading about it about two weeks ago.
WIndows security vulnerabilities to be reported by Diamond Computer systems. Click HERE and scroll to the bottom item.
--
Regards, Emilio
Its failings notwithstanding, there is much to be said in favor of journalism
in that by giving us the opinion of the uneducated, it keeps us in touch with
the ignorance of the community.
-- Oscar Wilde | |
|
