Vulnerability Development mailing list archives
Re: Time-to-patch vs Disclosure method
From: terry white <twhite () aniota com>
Date: Thu, 18 Oct 2001 09:50:34 -0700 (PDT)
on "10-17-2001" "Mark Kennedy" writ: : But just because they are the source of the vulnerability does not : undermine their valid concerns on how that vulnerability is disclosed. ... that of "COURSE" assumes the "ONLY" source of such information found within 'professional security circles'. i find of interest, "culp's" suggestion of leveraging income vis-a-vis 'disclosure philosophy'. that elevates stupidity to art. clearly, threatening the 'security-savvy', 'technically proficient', and 'intellectually tenacious' seen as apropos to the situation at hand. m$ is blessed with an ignorant market, however, is mistaken in thinking that synonomous with stupidity. i suspect that distinction will be made clear when XP finds widespread use. there's nothing more dangerous than a lot of ignorant people asking questions, who won't accepting the rote corporate answers ... -- ... i'm a man , and i can change , if i really have to , i guess ...
Current thread:
- Time-to-patch vs Disclosure method J. J. Horner (Oct 17)
- Re: Time-to-patch vs Disclosure method Olaf Kirch (Oct 17)
- Re: Time-to-patch vs Disclosure method Blue Boar (Oct 18)
- RE: Time-to-patch vs Disclosure method Dom De Vitto (Oct 19)
- Re: Time-to-patch vs Disclosure method Blue Boar (Oct 18)
- <Possible follow-ups>
- Re: Time-to-patch vs Disclosure method Mark Kennedy (Oct 17)
- Re: Time-to-patch vs Disclosure method terry white (Oct 18)
- Re: Time-to-patch vs Disclosure method Olaf Kirch (Oct 17)