On 11/25/06 9:53 AM, "Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]"
<sbradcpa@pacbell.net> opined:
However, one cannot merely jump from the fact that Mr. Litchfield is
beyond reproach to make his mere opinions into facts.
Expert witnesses are bound by the "Daubert test" these days (gotta love
it when even the wikipedia has a link
http://en.wikipedia.org/wiki/Daubert_Standard )
<Snip>
In databases, probably the most common and public security event
affecting the database security world, I would argue, was SQL slammer,
an incident that had a patch available ahead of time.
And of course, the vulnerability SQLSlammer leveraged was discovered by
David. It was his "mere opinion" that it was best to wait for Microsoft to
release the patch before he published any details that saved countless
installations from exploitation. It was his "mere opinion" regarding the
propensity of worm activity that prompted immediate action on the part of
administrators to patch their systems. And when he was too ill to attend the
Singapore Blackhat conference, it was his "mere opinion" that the
vulnerability was so critical, and so important to get patched, that he
entrusted me with his personal materials so that I could give the lecture in
his stead.
He was, of course, precisely correct on all counts. I've known Dave for
years now... Stick by your "Daubert test," and be as pedantic as you wish
regarding what constitutes "fact" and "opinion." But for me, when it comes
to David Litchfield and computer security, they are the same thing. If
people choose to discount Dave's contributions because they are "mere
opinion" then it is MY opinion that they do so at great risk.
t
