Re: Public disclosure of discovered vulnerabilities
From: D. J. Bernstein (djb_at_cr.yp.to)
Date: 05/15/05
- Previous message: Colin Andrew Percival: "Re: Hyper-Threading Considered Harmful"
- In reply to: Nicol So: "Re: Public disclosure of discovered vulnerabilities"
- Next in thread: Joe Peschel: "Re: Public disclosure of discovered vulnerabilities"
- Reply: Joe Peschel: "Re: Public disclosure of discovered vulnerabilities"
- Reply: Nicol So: "Re: Public disclosure of discovered vulnerabilities"
- Reply: Unruh: "Re: Public disclosure of discovered vulnerabilities"
- Reply: Jan Vorbrüggen: "Re: Public disclosure of discovered vulnerabilities"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 15 May 2005 21:48:49 +0000 (UTC)
Nicol So wrote:
> Please stop mischaracterizing my position as "shooting the messenger".
You said that ``public announcement of a vulnerability'' would
``increase the risk'' to users. That's shooting the messenger.
Anyway, the terminology doesn't matter. What matters is that you're
ignoring the ultimate source of harm, namely the designers and
implementors who created the security problem in the first place.
---D. J. Bernstein, Associate Professor, Department of Mathematics,
Statistics, and Computer Science, University of Illinois at Chicago
- Previous message: Colin Andrew Percival: "Re: Hyper-Threading Considered Harmful"
- In reply to: Nicol So: "Re: Public disclosure of discovered vulnerabilities"
- Next in thread: Joe Peschel: "Re: Public disclosure of discovered vulnerabilities"
- Reply: Joe Peschel: "Re: Public disclosure of discovered vulnerabilities"
- Reply: Nicol So: "Re: Public disclosure of discovered vulnerabilities"
- Reply: Unruh: "Re: Public disclosure of discovered vulnerabilities"
- Reply: Jan Vorbrüggen: "Re: Public disclosure of discovered vulnerabilities"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
