FW: Information Anarchy

From: Schneider, Rick (RickSchneider@SIERRASYSTEMS.COM)
Date: 11/03/01 

Message-ID:  <2417BD0B3A2D5A4086512AD8BDDB1D4E023111D9@scvanex1.sierrasys.com>
Date:         Fri, 2 Nov 2001 15:51:23 -0800
From: "Schneider, Rick" <RickSchneider@SIERRASYSTEMS.COM>
Subject:      FW: Information Anarchy
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

3 quick points to make a fourth:

1. The black hats and the white hats are both very talented - generally, any
disclosure discovered by a white hat is either already known or likely to
soon be discovered by a black hat.

2. Any alternative to full disclosure that I've seen is primarily designed
to keep the script kiddies from playing with new exploits. The problem is
that all such alternatives also keep me (as a user and not a vendor) from
knowing about a security hole for an indeterminate amount of time while the
black hat community has access to the compromise.

3. The script kiddies are a major problem, but the hard core black hats
represent a major threat to our organizations.

And so, point 4, I am willing to strive to keep up with all the security
warnings and advisories, and the flood of attacks from the script kiddies in
order to have a shot at keeping the real bad guys from coasting through my
systems. Hence, full disclosure is the only option.

Rick Schneider
Technology Director
Sierra Systems Consultants
email rickschneider@sierrasystems.com
<mailto:rickschneider@sierrasystems.com>
604.8901.6240

============================================================================
Delivery co-sponsored by Trend Micro, Inc.
============================================================================
BEST-OF-BREED ANTIVIRUS SOLUTION FOR MICROSOFT EXCHANGE 2000
Earn 5% rebate on licenses purchased for Trend Micro ScanMail for
Microsoft Exchange 2000 between October 1 and November 16. ScanMail
ensures 100% scanning of inbound and outbound traffic and provides
remote software management. For program details or to download your
30-day FREE evaluation copy:
http://www.antivirus.com/banners/tracking.asp?si=53&bi=245&ul=http://www.a
ntivirus.com/smex2000_rebate

Relevant Pages

  • Re: Call to arms - INFORMATION ANARCHY
    ... of many of the posting members and their abilities. ... executing script or program for the script kiddiez to use, ... About the Black Hats: These guys, for whatever there purpose, have ... like full disclosure is two fold. ...
    (NT-Bugtraq)
  • Re: Snape *did* hate Harry
    ... white hats and black hats. ... I think "good" is just to simplistic a term for Snape. ... Harry with the information he needed to ultimately defeat Voldemort. ...
    (alt.fan.harry-potter)
  • Re: Call to arms - INFORMATION ANARCHY
    ... Unfortunately, the black hats *do* know more than the white hats, and always have. ... It's a matter of keeping the white hats informed, and allowing free and open discussion amongst the wider community. ... Have Microsoft ever been wrong about the severity of a security flaw in any of their OSes or applications? ... This is true of all vendors, commercial or open source or otherwise. ...
    (NT-Bugtraq)
  • Re: PYASID: Demons on the Good Side
    ... >>> teams set up, White Hats and Black Hats, and you want to hear ... >>> opportunities are thin) and signs up with Black Hats instead? ... and my sister is a vampire slayer, her best friend is a witch who ...
    (rec.arts.sf.written)
  • Re: PYASID: Demons on the Good Side
    ... >> teams set up, White Hats and Black Hats, and you want to hear ... >> opportunities are thin) and signs up with Black Hats instead? ... Toss in "other White Hats are clueless dolts" and you get She-Go ... >No. I'm asking for good characters that go over to the bad side, ...
    (rec.arts.sf.written)