Full Disclosure mailing list archives
Re: Time to patch Windows boxes with MS08-067
From: n3td3v <xploitable () gmail com>
Date: Fri, 24 Oct 2008 09:12:36 +0100
On Fri, Oct 24, 2008 at 8:41 AM, Juha-Matti Laurio <juha-matti.laurio () netti fi> wrote:
SANS ISC InfoCon meter is Yellow now http://isc.sans.org/infocon.html
- why tell the bad guys you're frightened about them. - why frighten the good guys, and be frightened? - why rate threats to the public domain? why not keep it to yourself, it changes nothing apart from create a fear, and then all you have to fear is fear its self, when nothing may actually happen to you. i don't even think we should be rating vulnerabilities either, they should all be one of the same, we shouldn't rate terrorism threats or hacker threat vulnerabilities or security incidents. is it not obvious to each individual how important something is, and allow then to give it their own rate privately, and not have a rate of fear that we should all adhere to. there should be no public threat levels, keep them in side your organisation, don't outward show fear or fright, because then you've given in before you've even started. keep threat levels private, don't rate anything, not even microsoft patches on patch tuesday. all threats should be one of the same. everyone. not just sans, stop rating everything, treat everything one of the same thing. even if you have a threat level inside your organisation, don't outward face it publically. hackers, dont rate your vulnerabilities, vendors dont rate vulnerabilities, everyone don't rate anything publically. what do rates and threat levels do for us? would we be less off without them, would anything change if everyone suddenly stopped rating things publically? the world would be a better place without rates and threat levels, everything would be a lot calmer and laid back, there would be more peace. n3td3v _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Time to patch Windows boxes with MS08-067 Juha-Matti Laurio (Oct 23)
- Re: Time to patch Windows boxes with MS08-067 James Matthews (Oct 23)
- <Possible follow-ups>
- Re: Time to patch Windows boxes with MS08-067 Juha-Matti Laurio (Oct 23)
- Re: Time to patch Windows boxes with MS08-067 Juha-Matti Laurio (Oct 24)
- Re: Time to patch Windows boxes with MS08-067 n3td3v (Oct 24)
- Re: Time to patch Windows boxes with MS08-067 Erik Harrison (Oct 24)
- Re: Time to patch Windows boxes with MS08-067 Valdis . Kletnieks (Oct 24)
- Re: Time to patch Windows boxes with MS08-067 n3td3v (Oct 24)
- Re: Time to patch Windows boxes with MS08-067 Valdis . Kletnieks (Oct 24)
- Re: Time to patch Windows boxes with MS08-067 n3td3v (Oct 24)
- Message not available
- RE : Time to patch Windows boxes with MS08-067 waveroad waveroad (Oct 24)
- Message not available
- Re: Time to patch Windows boxes with MS08-067 n3td3v (Oct 25)
- Re: Time to patch Windows boxes with MS08-067 n3td3v (Oct 24)
- Re: Time to patch Windows boxes with MS08-067 Duckie (Oct 25)
- Re: Time to patch Windows boxes with MS08-067 Biz Marqee (Oct 26)