From: Hatredman <hen...@te...> - 2004-12-22 13:36:58
|
This is a bug report generated by aMSN about that annoying SB bug. But, reviewing it, I also noted that this report contains not only the bug report but a SERIOUS DISCLOSURE OF PERSONAL INFORMATION, that can be used by hackers to break into the bugreporter's computer. These informations are marked as SECURITY FLAWs in the file. I really don't care myself this data would go public, but if this flaw is released to the public it would be a great opportunity for M$ to say "aMSN is insecure, use our official MSN Messenger". Or maybe something worse. My suggestion is to modify the bug report generation code to change the user (and contacts) information by text placeholders like USER_EMAIL, CONTACT_EMAIL, CONTACT_NICK and so on. This should not be so difficult to, and the lack of the real information would not make it more difficult for bug hunters to track the bug. Or maybe not. What do I know? -- Hatredman hat...@us... We've always had him! http://www.ericblumrich.com/thanks.html |