
Re: [Full-Disclosure] To anybody who's offended by my disclosure policy

Subject: Re: [Full-Disclosure] To anybody who's offended by my disclosure policy
Date: Sat, 27 Nov 2004 10:19:48 +0200
kf_lists wrote:
Gadi Evron wrote:

He is not a messenger, he is the executioner.


Nah... it's more like Microsoft is one of the executioners... they lead all the sheep to slaughter every time they release a new piece of software. Skylined just reminded you of where they are taking you.

I like people who let me know there are threats out there. I even like people who release vulnerabilities - full disclosure or not.


As a friend of mine just pointed out, it also makes my life as a security professional a lot easier, knowing that at least one more vulnerability is out and known.

I cannot, however, in any case, agree to listen to kids who whine and SAY "Yeah, I release it 'cause I want attention.. and I send it to the whole world like this because I can.. OH! and the mydoom author should go to jail for breaking GPL on my code!!"

Give me a break. I feel as if it is this guy that makes my, private, world as a security professional so much more difficult.

Security people should be reliable. This guy is nothing but.

Why not make biological weapons.. put them on the market for sale and say: "What?! They violated GPL when they used it!"

Naturally the comparison cannot be made, it was just important for me to make a point.

MS does suck at how they do (or don't do) security. MS is liable (in my mind). What does MS have to do with this guy's search for attention, as he admitted, and his war with vendors who actually patch bugs quickly and who do serious QA?

As to me making a stand against MY VENDOR - I do. And with Linux, I try and actually help. Do you? All I see you do is yell "MS IS EVIL".

Try SUPPORTING Mozilla, for example, instead of YELLING "MS IS EVIL!".. or releasing so-called 0days, doing more harm than good. If exploitable (which this wasn't - how not l33t of him), phishers and spammers and worms would already be using it, and the guy would be crying out: "WHAT? THEY BROKE GPL!!!" while thousands of people lose their PCs along with millions in losses.

I appreciate ANY reverse engineer. I appreciate ANY serious security professional.

I don't appreciate kids who wage wars for their own fame.

Grow up.

        Gadi.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
