Re: [Full-disclosure] Apple IOS security issue pre-advisory record



Gentlemen, I must say that beyond the raw results the reactions are also
very interesting because I think this actually IS what I called "community
behavior". Clics and votes are just one "reaction" type, and those clever
and smart comments are another one. Maybe much more important to understand
this corpus.
Indeed, this is the first test list to have started a smart debate around
the subject and even if I'm not a specialist I'll study those comments with
attention.

However, I have some questions.

For this list I was advised by a "geek" (with no offense), for example to
write the topic and format the content. I was also very lucky because it
appears that in the same time a real security advisory about Safari on IOS
has been released, making this fake test more attractive (that was not
expected).
My advisor told me that the high clics amount during the first minutes of
publication is not very surprising because this list is followed by
millions of readers, and a very few part are real security pro or "aware"
persons. Many others -the biggest part- are just casual readers. Would you
say this is correct ?

My feeling is also that this community has what I'd call a "scientist"
profile: this means people that tend to always test, think and discuss
things. This would explain why the falsification was quickly discovered,
explained to others and why a clever debate started.
I don't expect such a behavior on the other tests but maybe the "breaking
news" one.
Am I right on that ?

My advisor also warned me about possible aggressive reactions but I don't
see any so far. Was he right, or the fact that smart people started to
comment at the first place is an explanation ? Is it correct to say that
there is some kind of "respect", at least enough that when smart people are
speaking, the useless ones keep quiet ?

Whatever, this is very interesting and I must thank you all.

Regards,
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/