Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security FullDisclosure
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Full-disclosure] defining bugtraq

from [jf] Network Security [Permanent Link]
Subject: Re: [Full-disclosure] defining bugtraq
Date: Wed, 26 Sep 2007 16:59:37 +0000 (UTC) 
hi. more time spent finding 0day, less time spent discussing 0day, aka
stfu, kthx.

also fuck pdp and gnucitizen, the only amazing part is that he has gotten
anyone to take him serious.


On Wed, 26 Sep 2007, worried security wrote:


Date: Wed, 26 Sep 2007 08:00:15 +0100
From: worried security <worriedsecurity@googlemail.com>
To: full-disclosure@lists.grok.org.uk
Subject: [Full-disclosure] defining bugtraq

bugtraq is a moderated mailing list for hackers to tell the government and
corporations about 0day, governments and corporations should only discuss
the mission critical under a 0day disclosure.

the government or corporation should not disrespect the person who posted
the original advisory, the moderator should not let people downgrade the
severity or weight of an advisory post on bugtraq.

governments and corporations should thank hackers for posting a 0day
advisory in the first place, the moderator should not let someone called
gadi evron ruin the mailing list and scare hackers away.

more questions are going to be raised about gadi evron and the bugtraq
moderator, than what a 0day is, you have disrespected gnucitizen, you make
him not want to post anymore advisories, you make him scared to post again,
incase he says the wrong thing. he is scared he has said the wrong thing,
and doesn't know what is the right thing to say.

he just post his advisory about the 0day, he did not expect this kind of
reaction. the term 0day discussion has been blown out of all proportion
compared to the advisory post.

an advisory is just to warn you that a 0day exists in a product, it doesn't
mean full disclosure, its just an advisory, that somewhere a 0day is present
in the underground, and he or others may have created it.

it is 0day because you don't have the details yet about it. just because he
posts an advisory doesn't mean its not 0day anymore, its still very much
0day, because you don't know about it and no patch is there.

get over your ego trip gadi evron and leave the poor guy alone, he is scared
now, you have scared him.

i can't believe this guy used to work for the israeli government, its
unbelieveable his actions on bugtraq.



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Full-disclosure] CN spam links in Google and Yahoo, Nancy Kramer
Next by Date:  Re: [Full-disclosure] defining 0day, full-disclosure
Previous by Thread:  [Full-disclosure] defining bugtraq, worried security
Next by Thread:  Re: [Full-disclosure] defining bugtraq, worried security
Indexes:  [Date] [Thread] [Top] [All Lists]