Re: [Full-Disclosure] [OT] Re: Quick Question

From: hellNbak (
Date: 03/18/03

  • Next message: Nicob: "Re: [Full-Disclosure] Administrivia: Pressured to delete archive entry"
    From: hellNbak <>
    To: Georgi Guninski <>
    Date: Mon, 17 Mar 2003 19:45:32 -0600 (CST)

    > [sorry for the flame war, but this more of the faq]

    I wasn't aware that this was a flame war. Some are mature enough to
    debate a subject without resorting to such silly things.

    > I support my words that I don't do security work for the money.
    > Of course I have to do something for living.
    > Once again money is not sufficient incentive.

    Care to actually back this argument up? It is clear that you, like most
    of us (there is nothing really wrong with it in my opinion) are a security
    consultant. You take what you enjoy and what you seem to be good at and
    make a living from it. There is nothing wrong with that as long as you
    are honest about it. Perhaps that is the problem.

    > The IETF just said "NO" to this.

    Yes, and they did so based on some valid reasons but that does not take
    away from the need for a standard.

    > RFP can do whatever he wants with his 0days and I don't care.
    > But his writings do not apply to me.
    > btw, have not seen interesting stuff from RFP recently (don't have anything
    > against him).

    So you are saying that by being responsible or even having a standard
    somehow prohibits research? Wow, if that is truly the case I can see why
    you are so against a structured reporting policy.

    > From the above url:
    > "There is no industry consensus on what constitutes best pratices for
    > vulnerability disclosure"
    > So what?

    And your point is? You are right, there isn't a standard. But that
    doesn't mean that there shouldn't be one.

    > Have you read this:
    > Free Hacker Manifest
    > People seem to support this, you know.

    Yes, some do. Again, highlighting the need for an accepted standard.

    > Also, if you use your 3l33t s34rching skills, you can find that in 98-99
    > microsoft publicly thanked me for the exactly the same behavior.

    Judging by your opening lines, I think it is you Georgi who owns the 31337
    s34rching skillz......

    "I don't intend to offend, I offend with my intent"
    Full-Disclosure - We believe in it.

  • Next message: Nicob: "Re: [Full-Disclosure] Administrivia: Pressured to delete archive entry"

    Relevant Pages

    • Re: An Enemy of the People
      ... If he can receive credit for his good words, why can't he receive criticism for his bad ones? ... mere programmers like H. Ross Perot who stole both clients and code ... world where you can always offend, and would have taken too much of a ... a colleague of mine has written a book on the psychology of programming as related to the C Standard. ...
    • Re: OT: Why does Sarah Palin hate Jews?
      ... ISTR that's the brush Obama was painted with. ... They use different brushes for's called a double standard ... what was said that's supposed to offend me? ...
    • Re: "Mild language"
      ... I used to be amused back in the 70s by the standard NZ warning: ... language may offend". ... Actually that intransitive "offend" has a special flavour to it, ...
    • Re: local food cost question
      ... > the US don't make a living wage unless they're properly tipped. ... > cuts down on city noise. ... >> having the expense of a car which is the norm ... >> in the US would seem to indicate a lower standard ...
    • Re: Interesting
      ... Given enough time wealth will equalize ... investing for a living) is becoming poorer. ... measurement of standard of living and comparisons between nations. ... It seems like most everything can be described with a curve. ...