CNBC: Security Experts 'Shocked' by Palm's WebOS Vulnerabilities - Page 2

akitayo · 04/16/2010, 05:30 PM

If all the bugs of 1.3.5 were fixed with 1.4 IMO it was not smart to post this info and just when Palm is about to launch Pre Plus and Pixi plus with 3 carriers, O2, Vodafone and SFR.

Who wants to make evil damage to Palm at this time, with old news, already not happening anymore.

I suggest to make an addedum on front page, something like NO MORE BUGS ON WEBOS AFTER 1.4.1 more or less.

usnis0922 · 04/16/2010, 09:04 PM

Quote:

Originally Posted by akitayo

If all the bugs of 1.3.5 were fixed with 1.4 IMO it was not smart to post this info and just when Palm is about to launch Pre Plus and Pixi plus with 3 carriers, O2, Vodafone and SFR.

Who wants to make evil damage to Palm at this time, with old news, already not happening anymore.

I suggest to make an addedum on front page, something like NO MORE BUGS ON WEBOS AFTER 1.4.1 more or less.

Ya this is like posting on facebook saying your neighbors wife is a **** and not telling him directly. Either your trying to screw up their relationship or you really went about adressing the concern the wrong way.

crogs571 · 04/16/2010, 11:38 PM

So two lies make a right?

Quote:

Originally Posted by akitayo

I suggest to make an addedum on front page, something like NO MORE BUGS ON WEBOS AFTER 1.4.1 more or less.

Tiddlekins · 04/17/2010, 01:05 AM

Quote:

Originally Posted by 6tr6tr

Was the SMS vulnerability patched? Can anyone point me to real evidence of this?

The video that the security group released specifically mentions that 1.4 is not vulnerable, and that Palm fixed the issue after it was reported to them.

The way that responsible disclosure works is you report the vulnerability to the company first, allow them to develop a patch, wait until after the patch has been released, and then report on the vulnerability in public. That is the path that was followed here.

antonio3 · 04/17/2010, 01:11 AM

Quote:

Originally Posted by Tiddlekins

The video that the security group released specifically mentions that 1.4 is not vulnerable, and that Palm fixed the issue after it was reported to them.

The way that responsible disclosure works is you report the vulnerability to the company first, allow them to develop a patch, wait until after the patch has been released, and then report on the vulnerability in public. That is the path that was followed here.

The issue i have is.. it's VERY misleading. And almost hides the fact that they have patched these issues, with words like shocked and not safe.

This same exact article can be re-written.. Palm Quick to fix issues brought to them. But this is a New OS and platform.. things will be found.

But a good pen tester can prob tear into WebOS pretty good.

04/16/2010, 05:30 PM	#21 (permalink)
akitayo News Contributor Join Date: Apr 2009 Posts: 1,586 Likes Received: 53 Thanks: 114 Thanked 637 Times in 240 Posts	If all the bugs of 1.3.5 were fixed with 1.4 IMO it was not smart to post this info and just when Palm is about to launch Pre Plus and Pixi plus with 3 carriers, O2, Vodafone and SFR. Who wants to make evil damage to Palm at this time, with old news, already not happening anymore. I suggest to make an addedum on front page, something like NO MORE BUGS ON WEBOS AFTER 1.4.1 more or less.
	Liked by

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode