Bugtraq mailing list archives
Re: Security through obscurity, etc.
From: jmc () telecom ksu edu (James M. Chacon)
Date: Tue, 13 Dec 1994 09:04:56 -0600 (CST)
At least you can't use CERT's advisory to crack root on a site, and wipe out important files; 8lgm's advisories were, and in fact are being used for those purposes as well.
Wrong...I've used the information in CERT advisories to give me a good idea where and what I'm looking for. I've "reverse-engineered" so to speak a fair amount of Cert's announcements into actaul problems I could show people around here. All Cert's announcements do is delay the time people get to even know a bug exists....I'm not really for the 8lgm concept completely, but at least there they don't feel this overwhelming need to not hurt the various manufacturers feelings.... James
Current thread:
- Re: Security through obscurity, etc. Jason Matthews (Dec 12)
- Re: Security through obscurity, etc. jsz (Dec 12)
- Re: Security through obscurity, etc. Jason Matthews (Dec 12)
- Re: Security through obscurity, etc. jsz (Dec 13)
- Re: Security through obscurity, etc. joshua geller (Dec 13)
- No more religious wars please! (was Re: Security through obscurity, Christopher Samuel (Dec 13)
- Re: Security through obscurity, etc. James M. Chacon (Dec 13)
- Re: Security through obscurity, etc. Oliver Friedrichs (Dec 13)
- Re: Security through obscurity, etc. Leo Bicknell (Dec 13)
- Re: Security through obscurity, etc. Oliver Friedrichs (Dec 13)
- Re: Security through obscurity, etc. Jason Matthews (Dec 12)
- Re: Security through obscurity, etc. Jim Littlefield (Dec 14)
- Re: Security through obscurity, etc. jsz (Dec 12)
- Re: this is interesting... Paul 'Shag' Walmsley (Dec 13)
- <Possible follow-ups>
- Re: Security through obscurity, etc. Richard Forno (Dec 12)
- Re: Security through obscurity, etc. der Mouse (Dec 16)