[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [cobalt-users] Possible spammer or what?
- Subject: RE: [cobalt-users] Possible spammer or what?
- From: baltimoremd@xxxxxxxxxxxxxxx
- Date: Tue Aug 21 23:23:13 2001
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
On Wed, 22 Aug 2001, Greg Hewitt-Long wrote:
> >On Tue, 21 Aug 2001, Greg Hewitt-Long wrote:
> >
> >> >http://www.worldwidemart.com/scripts/formmail.shtml
> >>
> >>
> >> And one of the most abused scripts in the history of CGI enters another phase,
> >> whereby it will *PROBABLY* take *AT LEAST* a month for some kid to find
> >> another exploit!
> >
> >Did you even bother to go to the url and read the changes? Did you
> >compare them to any of the fixes for formmail that have been posted
> >in various lists, web pages, etc?
>
>
> Yes, we keep abreast of World Wide Mart script releases -
>after all, Matt Wright *IS* from Fort Collins - Did you check out where
>our offices were, view *OUR* web site - make any connection? Any
>inference, or are you simpy applying your own 'half-baked' logic?
Your location relative to any software author doesn't have anything to do
with the script, it's plusses and minuses, etc.
You know, you're pretty quick to accuse folks, aren't you? And you seem
to have a penchant for attributing negative things of your own making to
others.
>
> >
> >>
> >> Sorry - don't trust it as far as I can throw it - next thing, you'll be
> >> telling me that windoze is cool and Microshaft has my best interests at
> >> heart! *** PAH!!! ***
> >
> >No, I don't engage in that type of strawman logic...I'll leave it to you
> >to make assumptions and attribute things to others that they never said.
>
>
> We'll simply not implement scripts and tools which have a history of being
> abused -
Ah, so that means you don't use any of the cobalt scripts, packages that
may have been compromised at one time or another?
whether the author claims to have fixed it (v1.7) and then
fixed it again (v1.8) then most recently, fixed it again with v1.9 - do you
HONESTLY think it's wise to take HIS WORD FOR IT?
Well, let's see, it appears that exploits were discovered, corrections
were made. Granted, if Matt Wright had a crystal ball, he could have written
the script years ago to counter the recent exploits.
Come to think of it...everyone who came up with a fix for the script
should have used their crystal ball years ago, to not only indentify the
exploit(s), but also fox them. Shame on all of them for not being
prognosticators of future events.
> >
> >Of course, since you seem to be so knowledgeable about formmail, you could
> >do us all a favor and tell us why the new version is so bad.
>
>
> Please refer to my previous sentence - I don't trust something that's been
> proven to be security risk 3 releases in a row - my natural distrust of
> people who have REPEATEDLY been proven wrong prevents me from taking
> something they claim with a new release as gospel.
You still haven't answered the question about whether or not the new
version incoporates fixes. Not that anyone really cares, but I believe
someone as objective and knowledgeable as yourself might actually be a
great source of information about the script.
> If you are rather more trusting of software authors whose products have been
>found lacking many, many, MANY times before, that is indeed, up to you!
Interesting point. Perhaps you'll release the perfect script...I'll be
happy to beta test it.
>If so, I have some excellent *BARGAINS* you may be interested in - want
to buy a used car for starters?
Tell ya buddy, based on your pompous attitude, strawman logic and proven
track record in this thread of attributing things to me that I never said,
I wouldn't buy water from you if I was in the desert.
thom