9 Nov 2001 20:42:08

Michelle reports on first contact with ZL.

   From: Michelle Delio
     To: Tom Liston, radsoft.net
   Date: Fri, 9 Nov 2001 20:42:08
Subject: RE: A paragraph or two clearly explaining...


hi guys,

I explained to ZA that there is a security issue, a design flaw, with the
product that causes it not to live up to it's PR. They are setting up an
interview with a couple of their execs for monday am. They asked me to
outline the problem, so they could do a little 'research' prior to
interview. That seemed fair, and it's totally par for the course with
exploits/flaws so I gave them a surface rundown of what the problem is.

I suggested that I *might* be able to convince 'one of the security experts
that we work with at wired' to lend his website to host some sort of a demo
of the flaw. how would either of you feel about 'volunteering?' We could
send them whatever version of outbound you guys want, and direct them to
hackbusters or radsoft. Seems more logical to send to hackbusters since it's
set up, but it's up to you guys. The idea being I'd have convinced you to
host this for demo purposes only. They don't need to know who actually
discovered flaw until story goes up. But I think they'd get the point more
clearly if they actually see it in action. Then again, we can do it without
a demo, so no biggie. I do want *them* to ask for the demo before we send
them a link, just to cover butts.

Your call. lemme know how you'd like to proceed.

M

Prev | TOC | Next