That was a dumb fucking joke. Please end this thread.
J
On Tue, 25 Sep 2007 14:39:24 -0400 "Thor (Hammer of God)"
<thor@hammerofgod.com> wrote:
For the record, the original term "O-Day" was coined by a dyslexic
security engineer who listened to too much Harry Belafonte while
working
all night on a drink of rum. It's true. Really.
t
-----Original Message-----
From: Roland Kuhn [mailto:rkuhn@e18.physik.tu-muenchen.de]
Sent: Tuesday, September 25, 2007 10:58 AM
To: Lamont Granquist
Cc: Chad Perrin; Crispin Cowan; Casper.Dik@Sun.COM; Gadi Evron;
pdp
(architect); bugtraq@securityfocus.com; full-
disclosure@lists.grok.org.uk
Subject: Re: 0day: PDF pwns Windows
On 25 Sep 2007, at 00:57, Lamont Granquist wrote:
The exploit is not made public by its use. The exploit is not
even
made public by (back-channel) sharing amongst the
hacker/cracker
community. The exploit is only made public if detected or the
vulnerability is disclosed. Until detected/disclosed the
hacker/
cracker can use their 31337 0day spl01tz to break into
whichever
vulnerable machines they like. 0day exploits are valuable
because
the
opposition is ignorant of them.
Posting exploits to BUGTRAQ, however, inherently makes them
not
0day...
And my ignorant self thought until this thread that the "0" in
the
term
referred to the number of days of head start granted to the
vendor.
Silly me. Because that would make all vulnerabilities published
without
prior warning to the vendor a "0day"...
Roland (who seems to remember that this was once the meaning of
this
term)
--
Largest network of startups. Find new startup opportunities. Click here.
http://tagline.hushmail.com/fc/Ioyw6h4dA9SsstedRp4odQ5DOKFMMBH1X4BfZJCnzKEsIKvjj5jbZG/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
