[Opensim-dev] Is this anything to worry about?
Ralf Haifisch
ralf at ralf-haifisch.biz
Sun Apr 12 11:05:49 UTC 2009
This is over one year old... :-)
And the guy did follow the usual rule not to open real serious hidden
problems to the public, more to demonstrate some basic principles and
outline where to look for more.
Some of the stuff is even more a legal perspective. If you operate a region
(or a monolithic second life grid here) and allow email and http to ouside,
you are (in many countries) responsible for what is going on. This
functionality is to be considerer a "functional risc". The (legal,
commercial) risc comes from wanted functionality and is usually transformed
(via ToS and insurance) and reduced (e.g. by limiting messages via the email
relay).
Not to big worries here.
Cheers,
Ralf
----------------------------------------------------------------------
Message: 1
Date: Sat, 11 Apr 2009 22:45:50 +0200
From: "Colin B. Withers" <Colin.Withers at eumetsat.int>
Subject: [Opensim-dev] Is this anything to worry about?
To: "opensim-dev at lists.berlios.de" <opensim-dev at lists.berlios.de>
Message-ID:
<B293F9025AB9DF4BBD3BC3403F25DA4501609B67734C at EXW10.eum.root.eumetsat.int>
Content-Type: text/plain; charset="us-ascii"
Hi,
Someone has sent me this link for a possible blog article. However, I don't
think this would make a suitable article, but I would be interested in the
views of any of the devs on the claimed vulnerabilities.
http://www.blackhat.com/presentations/bh-europe-08/Thumann/Presentation/bh-e
u-08-thumann.pdf
Rock
More information about the Opensim-dev
mailing list