Full Disclosure mailing list archives
zen-parse () gmx de is not zen-parse () gmx net
From: daniel_clemens () birmingham-infragard org (daniel.clemens)
Date: Sun, 6 Oct 2002 15:35:36 +0000 (GMT)
However, it's highly surprising that the Apache developers call the iDefense approach "reasonable disclosure". Is it reasonable to disclose critical information on new security vulnerabilities to potential but paying blackhats *on* *the* *same* *day* *the* *vendors* *are* *notified*?
I think what the apache developers might be saying may sound something closer to ' I/We think that this type of disclosure is more realistic' ( Assuming that their was a blackhat that developed the hack and it had been 0day for a while with that particular blackhat/or blackhatters....) -Dan
-- Florian Weimer Weimer () CERT Uni-Stuttgart DE University of Stuttgart http://CERT.Uni-Stuttgart.DE/people/fw/ RUS-CERT fax +49-711-685-5898 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
------------------------------------ http://www.birmingham-infragard.org p. 205.328.4200 emerg. 877.806.8928 Esse quam videra (to be, rather than to appear) -----------------------------------
Current thread:
- zen-parse () gmx de is not zen-parse () gmx net zen-parse (Oct 04)
- zen-parse () gmx de is not zen-parse () gmx net Florian Weimer (Oct 06)
- zen-parse () gmx de is not zen-parse () gmx net daniel.clemens (Oct 06)
- zen-parse () gmx de is not zen-parse () gmx net Ben Laurie (Oct 07)
- zen-parse () gmx de is not zen-parse () gmx net Florian Weimer (Oct 07)
- zen-parse () gmx de is not zen-parse () gmx net Ben Laurie (Oct 07)
- zen-parse () gmx de is not zen-parse () gmx net Florian Weimer (Oct 07)
- zen-parse () gmx de is not zen-parse () gmx net Florian Weimer (Oct 06)
- <Possible follow-ups>
- re: zen-parse () gmx de is not zen-parse () gmx net zen-parse (Oct 06)