Shiver me timbers.

[full-disclosure () lists netsys com (Timothy J.Miller)]

On Monday, August 19, 2002, at 08:30 AM, aliver () xexil com wrote:

>       Perhaps. However, the analogy may not be apt.

Actually, it's more apt than you think.

>       Secondly, in your analogy the person who points out that the gas
> tank tends to explode is a person who found that out from a coincidental
> experience, and without any effort or foreknowledge of his own. Ask
> yourself if this parallels our situation. Vulnerabilities are not
> something that often manifest themselves to people with no technical
> knowledge who aren't looking for them. A person with experience and
> specific ability is almost always the one to find them. That person, or
> someone like him must use that knowledge to create an exploit, and 
> that's
> not something that just anyone can do. It takes both skill, and effort.

Auto mechanics find engineering and manufacturing defects in automobiles 
all the time.  They also, on the whole, report them to the auto 
manufacturer *as well as* their customers, even though it could be 
argued that it is in their best interest to keep it to themselves (thus 
insuring repeat business).

-- Cerebus