<<<
Chronological Index
>>> <<<
Thread Index
>>>
[ga] Re: Google Chrome Invalid FTP Server Response Remote Denial of
- To: Eric Dierker <cogitoergosum@xxxxxxxxxxxxx>, lauren@xxxxxxxx, vint@xxxxxxxxxx, a2k@xxxxxxxxxxxxxxxxxxx, ga@xxxxxxxxxxxxxx
- Subject: [ga] Re: Google Chrome Invalid FTP Server Response Remote Denial of
- From: "Jeffrey A. Williams" <jwkckid1@xxxxxxxxxxxxx>
- Date: Fri, 9 Apr 2010 17:36:45 -0500 (GMT-05:00)
<HEAD>
<STYLE>body{font-family:
Geneva,Arial,Helvetica,sans-serif;font-size:10pt;font-family:arial,sans-serif;background-color:
#ffffff;color: black;}p{margin:0px}</STYLE>
<META content="MSHTML 6.00.6000.16825" name=GENERATOR></HEAD>
<BODY id=compText>
<P>Eric and all,</P>
<P> </P>
<P> Agreed unsafe use by a user of any product is exclusionary. In
this instance however such an exclusion</P>
<P>clearly does not apply as the evidence to which I and the finder provided in
the link. Ergo Google's</P>
<P>responsibility and therefore liability remains extant accordingly.</P>
<P> </P>
<P> Certainly I am not in favor of a "Nanny State" as you put it, but I
also side with the principal</P>
<P>and idea that consumer protections against errant business or product
providers is essential</P>
<P>in any free and open society for many varied and obvious reasons that have
been articulated</P>
<P>for many decades now, in and out of court accordingly. Strengthining
such protections given</P>
<P>the advancement of technology and expansion of business activities on a
global scale also</P>
<P>seem more than reasonable, yet we must also guard against going too far in
this direction.<BR><BR><BR></P>
<BLOCKQUOTE style="PADDING-LEFT: 5px; MARGIN-LEFT: 0px; BORDER-LEFT: #0000ff
2px solid">-----Original Message----- <BR>From: Eric Dierker
<COGITOERGOSUM@xxxxxxxxxxxxx><BR>Sent: Apr 9, 2010 11:53 AM <BR>To:
lauren@xxxxxxxx, vint@xxxxxxxxxx, a2k@xxxxxxxxxxxxxxxxxxx, ga@xxxxxxxxxxxxxx,
"Jeffrey A. Williams" <JWKCKID1@xxxxxxxxxxxxx><BR>Cc: benl@xxxxxxxxxx,
schneier@xxxxxxxxxxxx, cstamer@xxxxxxxxxxxxxxxxxxx, fbi.dallas@xxxxxxxxxx,
ssene@xxxxxxxxxxxx, wilshuseng@xxxxxxx, greg.abbott@xxxxxxxxxxxxxxx,
baptista@xxxxxxxxxxxxxx, peggy.himes@xxxxxxxx, robert.smith1@xxxxxxxxxxxxx,
monitor@xxxxxxxxxxxxx, tracyhackshaw@xxxxxxxxx, tglassey@xxxxxxxxxxxxx,
public.information@xxxxxxxxxxxxxxx, Kimberly.Peretti@xxxxxxxxx,
wendy@xxxxxxxxxxx <BR>Subject: Re: Google Chrome Invalid FTP Server Response
Remote Denial of <BR><BR>
<TABLE cellSpacing=0 cellPadding=0 border=0>
<TBODY>
<TR>
<TD vAlign=top>
<DIV>Jeff,</DIV>
<DIV> </DIV>
<DIV>Point well taken but I still argue caution when subscribing to theories of
liability of a provider for wrongful conduct of a user. The obvious easy cases
are defamatory republication of a known falsehood that clearly injures
another. But the hard cases are driving a fiat to a bank robbery. Fiat
and probably google should not be responsible for anothers unsafe use of a
product.</DIV>
<DIV> </DIV>
<DIV>We should not become a Nanny state and protect all from the evils of some
by holding business responsible for something foreseeable but not reasonable.
Conclusions aside The US Supreme Courts first Jewish/Hispanic member Cordoza
probably laid the arguments out quite well in Palsgraf vs. Long Island RR --
(which I just confirmed using Google Chrome)</DIV>
<DIV> </DIV>
<DIV>When we say obedience of the Law is Our Greatest Freedom -- We must
remember Abe was speaking of higher laws and right and wrong and not
expediency. Although I must say I feel much more free to talk on my cell phone
when driving the speed limit ;-)<BR><BR>--- On <B>Thu, 4/8/10, Jeffrey A.
Williams <I><jwkckid1@xxxxxxxxxxxxx></I></B> wrote:<BR></DIV>
<BLOCKQUOTE style="PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT:
rgb(16,16,255) 2px solid"><BR>From: Jeffrey A. Williams
<jwkckid1@xxxxxxxxxxxxx><BR>Subject: Google Chrome Invalid FTP Server
Response Remote Denial of<BR>To: lauren@xxxxxxxx, vint@xxxxxxxxxx,
a2k@xxxxxxxxxxxxxxxxxxx, ga@xxxxxxxxxxxxxx<BR>Cc: benl@xxxxxxxxxx,
schneier@xxxxxxxxxxxx, cstamer@xxxxxxxxxxxxxxxxxxx,
cogitoergosum@xxxxxxxxxxxxx, fbi.dallas@xxxxxxxxxx, ssene@xxxxxxxxxxxx,
wilshuseng@xxxxxxx, greg.abbott@xxxxxxxxxxxxxxx, baptista@xxxxxxxxxxxxxx,
peggy.himes@xxxxxxxx, robert.smith1@xxxxxxxxxxxxx, monitor@xxxxxxxxxxxxx,
tracyhackshaw@xxxxxxxxx, tglassey@xxxxxxxxxxxxx,
public.information@xxxxxxxxxxxxxxx, Kimberly.Peretti@xxxxxxxxx,
wendy@xxxxxxxxxxx<BR>Date: Thursday, April 8, 2010, 8:58 PM<BR><BR>
<DIV class=plainMail>All,<BR><BR> For thos using Google's Chrome product
the this FYI should be<BR>of interest to you. I am hopeful that Google
will get this fixed<BR>ASAP and still hopeful that Google will as some point do
much<BR>better testing of it's products BEFORE offering them for
public<BR>use. Vint and Ben, perhaps you can re-double your efforts in
this<BR>direction?<BR><BR>See:<A
href="http://www.trapkit.de/advisories/TKADV2010-004.txt";
target=_blank>http://www.trapkit.de/advisories/TKADV2010-004.txt</A><BR>Title:
Google Chrome Invalid FTP Server Response Remote Denial
of<BR>Service<BR>Description: Google Chrome is a web browser. The application
is exposed<BR>to a remote denial of service issue because it fails to
handle<BR>user-supplied input. An attacker can trigger this issue by enticing
an<BR>unsuspecting user into visiting a malicious web page that contains
a<BR>referral to a malicious FTP server. Google Chrome version
4.1.249.1042<BR>is affected.<BR><BR>Regards,<BR><BR>Jeffrey A.
Williams<BR>Spokesman for INEGroup LLA. - (Over 294k members/stakeholders and
growing, strong!)<BR>"Obedience of the law is the greatest freedom"
-<BR> Abraham Lincoln<BR><BR>"Credit should go with the
performance of duty and not with what is very<BR>often the accident of glory" -
Theodore Roosevelt<BR><BR>"If the probability be called P; the injury, L; and
the burden, B; liability<BR>depends upon whether B is less than L multiplied
by<BR>P: i.e., whether B is less than PL."<BR>United States v. Carroll
Towing (159 F.2d 169 [2d Cir.
1947]<BR>===============================================================<BR>Updated
1/26/04<BR>CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS.
div. of<BR>Information Network Eng. INEG. INC.<BR>ABA member in good
standing member ID 01257402 E-Mail <A
href="http://us.mc839.mail.yahoo.com/mc/compose?to=jwkckid1@xxxxxxxxxxxxx";
ymailto="mailto:jwkckid1@xxxxxxxxxxxxx";>jwkckid1@xxxxxxxxxxxxx</A><BR>Phone:
214-244-4827<BR><BR></DIV></BLOCKQUOTE></TD></TR></TBODY></TABLE></BLOCKQUOTE>Regards,<BR><BR>Jeffrey
A. Williams<BR>Spokesman for INEGroup LLA. - (Over 294k members/stakeholders
and growing, strong!)<BR>"Obedience of the law is the greatest freedom"
-<BR> Abraham Lincoln<BR><BR>"Credit should go with the performance
of duty and not with what is very<BR>often the accident of glory" - Theodore
Roosevelt<BR><BR>"If the probability be called P; the injury, L; and the
burden, B; liability<BR>depends upon whether B is less than L multiplied
by<BR>P: i.e., whether B is less than PL."<BR>United States v. Carroll
Towing (159 F.2d 169 [2d Cir.
1947]<BR>===============================================================<BR>Updated
1/26/04<BR>CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS.
div. of<BR>Information Network Eng. INEG. INC.<BR>ABA member in good
standing member ID 01257402 E-Mail jwkckid1@xxxxxxxxxxxxx<BR>Phone:
214-244-4827<BR></BODY>
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|