Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Security through obscurity, etc.

From: jason () dickory sdsu edu (Jason Matthews)
Date: Mon, 12 Dec 1994 22:47:53 -0800 (PST)

On Tue, 13 Dec 1994, jsz wrote:


CERT consists of beaurocrats; 8lgm of posers -- what's a difference, 
after all?


8lgm does not pretend to be god's gift to the net.



At least you can't use CERT's advisory to crack root on a site, and wipe
out important files; 8lgm's advisories were, and in fact are being used
for those purposes as well.


I am sure this has been said by doozens of people but:
If you restrict exploits to the script hackers then only the script hackers
will know what they are. In turn, organizations like CERT will not know 
what they are until some time after the release; when the effects can be 
exaimed second hand.

Pick your posion.

Jason

----------------------------------------------------------------------------
jason () dickory sdsu edu                         San Diego State University
jason () mentor sdsu edu                    College of Engineering
jason () BOOM extern ucsd edu               Electrical*Computer Engineering 
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: