Re: [Full-Disclosure] To anybody who's offended by my disclosure policy

From: kf_lists (kf_lists_at_secnetops.com)
Date: 11/27/04

  • Next message: Gadi Evron: "Re: [Full-Disclosure] To anybody who's offended by my disclosure policy"
    To: Gadi Evron <ge@linuxbox.org>
    Date: Sat, 27 Nov 2004 01:16:29 -0500
    
    

    Gadi Evron wrote:

    > He is not a messenger, he is the executioner.

    Nah... it's more like Microsoft is one of the executioners... they lead
    all the sheep to slaughter every time they release a new piece of
    software. Skylined just reminded you of where they are taking you.

    > How? How is he doing me a favor and why don't I have a problem with
    > other people who release vulnerabilities? You don't need a sixth sense
    > to guess that.

    Hrmm... stop using their crappy products. Bitch at support staff /
    general managers QA team members. Hrmm go get a friggin petition signed,
    Boycott them. I don't really care how you hold them accountable just
    stop bending over, spelling RUN out loud and then bitching at Skylined
    when you get screwed.

    He's doing you a favor because like half of the other folks on this list
    you were originally led to believe that this <insert bug name here> was
    nothing to worry about. He did you a favor because now while your vendor
    is claiming they knew nothing about it and doing the standard PR BS your
    AV vendor now has signatures and your IDS install can let you know you
    just got owned. He is the person that showed you that this nonexistent
    threat in reality was a threat. Maybe I am missing something.

    You don't have a problem with other researchers because some of them are
    sheep of the same herd you flock in. Perhaps it's because you sat in the
    dark vulnerable for months on end and had no clue that you had the
    potential of getting owned. You just got a little more comfort because
    you were notified that a patch was available at the same time you found
    out your browser was just a big pile. In reality you were a sitting duck
    like a lot of other folks.

    Just because a bug is not public or just because the vendor does not
    know about it certainly does not imply that someone else has not already
    found it and begun exploiting it. Wake up and smell the napalm.

    > Gadi.
    >

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

