New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Yep, I hate passing on vague details to clients.
So you guys would prefer that they tell the hackers what they found before everyone has had a chance to update?
No, but I would like knowing more than "we just pushed a minor update"
Would be lovely to know what the update contains, or which feature was modified.
We're not asking for PoC on code they have fixed, but some idea if its a security fix and progress in the audit.
For all we know, R8 may have fixed some spelling errors.
Surely there is a spectrum between "here are the holes in our software that you can exploit" and "here's a minor update".
Here's some more info from Phil:
"R7 was security related and you should upgrade to that.
R8 is just a set of code changes that were made when auditing. Nothing in those changes are critical to security.
The internal audit is still underway and very close to be complete. The external audit is being done by http://www.cnsgroup.co.uk/ who do audits for the police, banks etc and are a real outfit. We completed the application and are meeting with them within the next 7 days. We will then get a date from them on when the audit will be started. There is no current ETA on this as of yet.
We will announce when the internal audit is done shortly and we may have more information on the external audit."
external audit is being done, but meeting with them next 7 days?
So pretty much, we are stuck with disabled SolusVM's with no ETA?
I wonder will they push my billing date for the next 150$ that I will have to pay them in a 2 weeks
(of course not)