Month of .. who?!

[This was originally published on the OSVDB blog.],00.shtml

A Month of Rixstep Bugs

It’s a win-win proposition.

Starting now and for the duration of January 2007 Rixstep will be holding a ‘Month of Rixstep Bugs’ campaign: find a bug in any Rixstep software product and win a prize.

It’s not a win-win proposition, it is a lame gimmick. After the month of apple bugs, week of (cancelled) oracle bugs, and the month of linux kernel bugs, Rixstep wants in on the bandwagon. Few small problems:

  1. They posted this announcement on the 4th, not even giving a full month.
  2. They didn’t post this to Bugtraq, Full-Disclosure, or any other security list/resource I monitor.
  3. Rixstep doesn’t have the saturation that Linux, Apple or Oracle do. It is considerably easier to test those products and platforms versus Rixstep, who many of us have never heard of, let alone seen deployed.

If you want to play with the big boys Rixstep, man up and put some of your products up on your site and post the challenge to Bugtraq and Full-Disclosure.

Leave a Reply

%d bloggers like this: