Dailydave mailing list archives
Re: The long tail of vulnerable operating systems
From: "Lance M. Havok" <lmh () info-pull com>
Date: Wed, 14 Nov 2007 16:22:25 +0100
Heil Krahmer! It's always good to hear back from mr. stealth :>
Theres one big mistake in thinking. Just because exploits do not show up on packetstorm or bugtraq anymore does not mean that they do not exist. You all should know that the fun of the 90's became professional somewhere in 2000.
We definitely agree on that one. Just because CVS exploits don't get stolen, does not mean they were not stolen already. As my grandma used to say (may she rest in piss, or peace): take it easy, and let the good times roll.
And if one really thinks that nobody is using Solaris (except gov) anymore; one just dont know business and should retire :-) All big telcos and ISPs use Solaris for sure. and all the safety-critical systems use unix in some way, let it be AIX, Solaris or of course Linux ;-)
You must count everyone who uses Solaris for breaking it too, for example, we have iDefense as a great example of someone taking a profit from AIX exploits, apart of East European juice mafia for banging ATMs.
If you are a bad guy and want to pwn one of the fortune50(0)'s you better have some solaris,aix and irix exploits in your bag ;-)
Not really, if you want to pwn one of the Fortune 500 companies, you only need to be a Google shareholder. And again, let the Gmail times roll! (please note: back in the day, even the Google's kitchen guy had shares at the company, the good old stock options and what not). Now they support IMAP. BTW, don't good guys do Fortune penetrations? Because that's what a penetrator's job is all about. Hence why people buy CANVAS. The point is, why having exploits makes you a bad guy? Am I being naive about your message? We should be all tolerant towards others. Ambiguous morality is really weak and damn Cold War-style. Let a hundred flowers bloom, let the hundred schools of thought contend; we are not enemies, but friends. And at the right time, I'll be there to support those who mow down the raising flowers, to set the hill back in order and peace for the people. Lance, dreaming about spring. _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- The long tail of vulnerable operating systems Dave aitel (Nov 12)
- Re: The long tail of vulnerable operating systems Eduardo Tongson (Nov 12)
- Re: The long tail of vulnerable operating systems Lance M. Havok (Nov 13)
- Re: The long tail of vulnerable operating systems Kurt Grutzmacher (Nov 14)
- Re: The long tail of vulnerable operating systems Sebastian Krahmer (Nov 14)
- Re: The long tail of vulnerable operating systems Lance M. Havok (Nov 15)
- Re: The long tail of vulnerable operating systems Eduardo Tongson (Nov 12)
- Re: The long tail of vulnerable operating systems Dude VanWinkle (Nov 13)
- Re: The long tail of vulnerable operating systems Thomas Ptacek (Nov 13)
- Re: The long tail of vulnerable operating systems Matt Hargett (Nov 15)
- Re: The long tail of vulnerable operating systems Steve Shockley (Nov 13)
- Re: The long tail of vulnerable operating systems Katie M (Nov 13)
- Re: The long tail of vulnerable operating systems Darryl Luff (Nov 14)
- Re: The long tail of vulnerable operating systems dan (Nov 15)
- Re: The long tail of vulnerable operating systems Adriel Desautels (Nov 14)
- Re: The long tail of vulnerable operating systems Katie M (Nov 15)
- Re: The long tail of vulnerable operating systems Adriel Desautels (Nov 15)
- Re: The long tail of vulnerable operating systems Darryl Luff (Nov 14)