RE: [Full-Disclosure] [Secure Network Operations, Inc.] Full Disclosure != Exploit Release

From: Richard M. Smith (rms@computerbytesman.com)
Date: 01/29/03

  • Next message: backed.up.by.2048.bit.encryption@hushmail.com: "Re: RE : [Full-Disclosure] [Secure Network Operations, Inc.] Full Disclosure != Exploit Release" 
    From: "Richard M. Smith" <rms@computerbytesman.com>
To: <full-disclosure@lists.netsys.com>
Date: Wed, 29 Jan 2003 17:32:21 -0500

    Today, it's a decision made by the security researcher and the company
    they work for who gets what exploit code. Down the road, my expectation
    is that the question will be addressed in courts via civil lawsuits.

    Richard

    -----Original Message-----
    From: Day Jay [mailto:d4yj4y@yahoo.com]
    Sent: Wednesday, January 29, 2003 5:16 PM
    To: Richard M. Smith
    Cc: full-disclosure@lists.netsys.com
    Subject: RE: [Full-Disclosure] [Secure Network Operations, Inc.] Full
    Disclosure != Exploit Release

    And what makes you think that you and your friends who
    share your dozen exploits are the right hands? What
    because you have the skill to write them, you are the
    right hands?

    Who decides who can have what?

    That's what I thought.

    >
    > OTOH we know that public proof-of-concept examples
    > are going to get into
    > the wrong hands.
    >
    > Richard
    >

    __________________________________________________
    Do you Yahoo!?
    Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
    http://mailplus.yahoo.com

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

    Relevant Pages