Dailydave mailing list archives
News is about the details
From: Dave Aitel <dave () immunityinc com>
Date: Wed, 14 Jun 2006 09:46:26 -0400
So it's interesting to me that Sans Diary likes to do the same thing that CNN does that annoys me, which is cover up their sources. I think if there's anything that separates blogging from journalism, it's that blogging is typically more useful because it contains pointers to the original source material.

In this case, the "penetration testing company" that released exploits "to their customers" is Immunity (specifically, we released exploits to our Partner's program).

It's interesting to me because it's rare that a wormable vulnerability comes out, even if it's not wormable on the default configuration of XP SP2. Is it rare because of Microsoft's hard work in securing their latest systems? No doubt this has had an effect. But also possibly the complete commercialization of the vulnerability market has taken the best bugs out of public auctions, so to speak.

Also interesting: Is it a totally new ballgame when people can take advisories->exploits in a few hours, and then using some sort of Nematode-like technology transform those immediately into worms? Essentially this is faster than Windows Update. If you have a big enough network, it's faster than any update technology you can deploy, even discounting patch QA time.

One thing I think Microsoft DOES have to change is their classification system for "remote" versus "remote (but really client-side)". It's confusing to the public, and it keeps overworked system administrators from focusing on what the real problems are for their networks. Just IMHO.

Perhaps Andrew Cushman will discuss this in his newly announced BlackHat talk! :>

-dave