Bugtraq mailing list archives
Re: Pro Disclosure (was Re: UnixWare)
From: bet () std sbi com (Bennett Todd)
Date: Sat, 30 Apr 1994 04:36:44 -0400 (EDT)
Paul A Vixie writes:
Generally what happens is: a bad guy finds a hole lots of bad guys use the hole ...
I agree with your timeline. Unfortunately, I'm not interested in it after step 2. When lots of people are exploiting a hole, I want the details of that hole made widely available --- I want several orders of magnitude more people able to work on fixes and workarounds. Happily, many other people seem to agree; I'm optimistic that the typical time between bug discovery and widespread bug fixing may drop from years to months. Maybe even, with work, to weeks. Once lots of people are exploiting the bug, I think keeping it out of system administrators' hands changes from well-intentioned foolishness to seriously irresponsible, destructive behavior. This, as best I recall, is why the bugtraq list was started. -Bennett bet () sbi com
Current thread:
- Pro Disclosure (was Re: UnixWare) Carl Corey (Apr 29)
- Re: Pro Disclosure (was Re: UnixWare) Bennett Todd (Apr 29)
- Re: Pro Disclosure (was Re: UnixWare) Paul A Vixie (Apr 30)
- Re: Pro Disclosure (was Re: UnixWare) Bennett Todd (Apr 30)
- Re: Pro Disclosure (was Re: UnixWare) Steven C. Blair (Apr 30)
- Re: Pro Disclosure (was Re: UnixWare) Pat Myrto (Apr 30)
- Re: Pro Disclosure (was Re: UnixWare) Paul A Vixie (Apr 30)
- Re: Pro Disclosure (was Re: UnixWare) Oliver Friedrichs (Apr 30)
- Re: Pro Disclosure (was Re: UnixWare) Matthew Gream (Apr 30)
- Re: Pro Disclosure (was Re: UnixWare) Bennett Todd (Apr 29)