Full Disclosure mailing list archives

Re: A Few Realities About Security Re: Microsoft Cries Wolf ( again )

From: "Justin Shin" <zorkshin () tampabay rr com>
Date: Thu, 3 Jul 2003 23:50:52 -0400

Of course he is. His "team" has no background info, probably just a 15 year
old kid sitting in his basement. Obviously anyone with such information
would immediately publish it in the hope that it would lead to a solution,
or at least bring them instant fame. Actually, I find it ironic that he
won't post the vulnerability to a mailing list called full-disclosure.

I guess that leads me to another rant: all of these magazine articles
talking about how mailing lists like this one and bugtraq "hurt" the
security community. Ha! Would you rather us be kept in the dark and
disconnected from eachother, so that the morons can run a Perl script they
found on an underground hacking web site.

-- Justin Shin

----- Original Message -----
From: "Gordon McKillop" <gud () gmx co uk>
To: <full-disclosure () lists netsys com>
Sent: Thursday, July 03, 2003 11:02 PM
Subject: Re: A Few Realities About Security Re: [Full-disclosure] Microsoft
Cries Wolf ( again )



You said it, dude.

It sounds like secresearcher was talking out his ass.

If theres a vuln discovered in a piece of software everyone should know
straight away. That way the attackers and defenders are on an even playing
ground; patch up, disable or run the risk.

If you leave people in the dark then who knows who else knows about the
vuln?

All the vulnerable systems sit unpatched and undisabled.

If one guy found it, another one could too, and he might not be as
altruistic
as the first guy.

Take it easy,
Gud.

On Friday 04 Jul 2003 2:14 am, Justin Shin wrote:

Note the name:

[full-disclosure]

-- Justin Shin
----- Original Message -----
From: <infosysec () hushmail com>
To: <secresearcher () hushmail com>; <full-disclosure () lists netsys com>
Sent: Thursday, July 03, 2003 6:41 PM
Subject: RE: A Few Realities About Security Re: [Full-disclosure]

Microsoft

Cries Wolf ( again )



OK secresearcher, I call you on this one.  If you're not completely full
of crap, release the vuln the day before M$ does.  If you do, I will
personally bow to you and publically eat crow.  If you don't, please
go away.

Curt

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

A Few Realities About Security Re: Microsoft Cries Wolf ( again ) secresearcher (Jul 02)
- <Possible follow-ups>
- RE: A Few Realities About Security Re: Microsoft Cries Wolf ( again ) infosysec (Jul 03)
  - Re: A Few Realities About Security Re: Microsoft Cries Wolf ( again ) Justin Shin (Jul 03)
    - Re: A Few Realities About Security Re: Microsoft Cries Wolf ( again ) Gordon McKillop (Jul 03)
    - Re: A Few Realities About Security Re: Microsoft Cries Wolf ( again ) Justin Shin (Jul 03)
    - Re: A Few Realities About Security Re: Microsoft Cries Wolf ( again ) madsaxon (Jul 03)