Bugtraq mailing list archives
Re: Security through obscurity, etc.
From: little () ragnarok hks com (Jim Littlefield)
Date: Wed, 14 Dec 1994 08:17:22 -0500
On Dec 13, 9:04am, James M. Chacon wrote: : : ....I'm not really for the 8lgm concept completely, but at least : there they don't feel this overwhelming need to not hurt the various : manufacturers feelings.... 8lgm gives the vendor some "incentive" to correct the problem in a timely manner, unlike CERT where the problem is reported only to the affected vendors. We never hear a peep until (a) we find the same bug as a result of a breakin of our site, or (b) CERT announces that the vendor (months/years later) has a fix available. Sorry folks, I'll take (c) 8lgm (or equivalent) providing full disclosure. The initial announcement means a scramble to disable/work around the problem, but at least I know if my systems are vulnerable. -- Jim Littlefield "I've got a bad feeling about this..." -- Han Solo <little () hks com>
Current thread:
- Re: Security through obscurity, etc. Jason Matthews (Dec 12)
- Re: Security through obscurity, etc. jsz (Dec 12)
- Re: Security through obscurity, etc. Jason Matthews (Dec 12)
- Re: Security through obscurity, etc. jsz (Dec 13)
- Re: Security through obscurity, etc. joshua geller (Dec 13)
- No more religious wars please! (was Re: Security through obscurity, Christopher Samuel (Dec 13)
- Re: Security through obscurity, etc. James M. Chacon (Dec 13)
- Re: Security through obscurity, etc. Oliver Friedrichs (Dec 13)
- Re: Security through obscurity, etc. Leo Bicknell (Dec 13)
- Re: Security through obscurity, etc. Oliver Friedrichs (Dec 13)
- Re: Security through obscurity, etc. Jason Matthews (Dec 12)
- Re: Security through obscurity, etc. Jim Littlefield (Dec 14)
- Re: Security through obscurity, etc. jsz (Dec 12)
- Re: this is interesting... Paul 'Shag' Walmsley (Dec 13)
- <Possible follow-ups>
- Re: Security through obscurity, etc. Richard Forno (Dec 12)
- Re: Security through obscurity, etc. der Mouse (Dec 16)