Re: [Full-Disclosure] pissed off
Valdis.Kletnieks_at_vt.edu
Date: 04/25/03
- Previous message: David F. Madrid: "[Full-Disclosure] Cross site scripting in Onecenter Forum 4.0"
- In reply to: cyn0n@myrealbox.com: "[Full-Disclosure] pissed off"
- Next in thread: Melvyn Sopacua: "Re: [Full-Disclosure] pissed off"
- Reply: Melvyn Sopacua: "Re: [Full-Disclosure] pissed off"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: cyn0n@myrealbox.com Date: Fri, 25 Apr 2003 11:50:52 -0400
On Thu, 24 Apr 2003 23:36:22 CDT, cyn0n@myrealbox.com said:
> greets-
> Is anyone else pissed off at stupid *** like this flying around lists
> that are supposed to be respectable? Arguing over this type of stuff and
> even reporting this is just the most stupid fucking thing I've ever
> seen.
Umm.. I've seen lots of stupid *** on lists, but I have to disagree with
your assessment of this as "stupid ***". We have the following:
0) Remember that for an increasing fraction of the security community,
"standard BBC English" is *NOT* a first language - so we all need to
give each other leeway - what may be read as abrasive, irritating, or
flaming may only be a lack of skill with English.
1) somebody (badpack3t? attrib/quoting lost) posts a vulnerability
in Xeneo.
2) Tamer Sahin posts that it was a known thing already posted, and that
people shouldn't post without searching first. Quite politely phrased
and good advice.
3) badpack3t posts back saying that this vulnerability is a new and different
one, and asks for clarification from Tamer of why he thinks it's the same hole.
Everybody is being mostly civil, and there's a definite lack of any ad-hominem
attacks. If badpack3t *has* found a different hole, then he certainly
deserves credit for it, and Tamer owes him a "Sorry, you're right, that's
a different hole".
Now admittedly, Xeneo doesn't have a lot of market share - but if that
was the only criteria, then we shouldn't bother posting anything except
IE and ISS bugs. Would it still be "stupid ***" if the exact same
exchange had happened, with "Apache" instead of "Xeneo"? Probably not...
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- application/pgp-signature attachment: stored
- Previous message: David F. Madrid: "[Full-Disclosure] Cross site scripting in Onecenter Forum 4.0"
- In reply to: cyn0n@myrealbox.com: "[Full-Disclosure] pissed off"
- Next in thread: Melvyn Sopacua: "Re: [Full-Disclosure] pissed off"
- Reply: Melvyn Sopacua: "Re: [Full-Disclosure] pissed off"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
