Re: Disclosure Debate - yet again

From: Michael Watterson (watty_at_EIRCOM.NET)
Date: 10/09/04

  • Next message: Paul Szabo: "Eudora 6.2.0.7 attachment spoof" 
    Date:         Fri, 8 Oct 2004 23:34:19 +0100
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

    At 21:57 08/10/2004, you wrote:
    >Can we get consensus, even if just among the current group in this
    >discussion, that "user friendly" PoCs are bad?

    Absolutely.
    The Drugs locker lock can be easily picked like so.. It's much less likely
    to be raided if we only tell the locker manufacturer how to pick it easily.

    I think it is an "ego" thing this POC publishing, in some cases only one
    step from being a malware writer. The PoC publish creates a temptation.

    And indeed I find over last ten years of PC programming, planing networks
    and IT admin that good firewall, mailserver with content filter, users not
    admin rights etc and other best practices protect against most exploits.

    I run no AV software or anti-spyware on my Home network connected to
    internet, nor on the last IT Admin site, I find they don't get updated and
    give users false sense of security. I find education of users more
    effective than AV software.

    I have to fix many sites setup by others always with AV and other "security
    products" needing viruses, trojans, spyware etc removed!

    Education, Education and only PoC / Full Disclosure to the offending
    Vendor. By all means publicise the malise and workaround.

    Michael Watterson

    11 Laurel Park
    Patrickswell
    Co. Limerick
    +353 61-215842 

    --
NTBugtraq Editor's Note:
Want to reply to the person who sent this message? This list is configured such that just hitting reply is going to result in the message coming to the list, not to the individual who sent the message. This was done to help reduce the number of Out of Office messages posters received. So if you want to send a reply just to the poster, you'll have to copy their email address out of the message and place it in your TO: field.
--
  • Next message: Paul Szabo: "Eudora 6.2.0.7 attachment spoof"