Dailydave mailing list archives
For the love of Zeus stop making up silly terms!
From: Dave Aitel <dave () immunityinc com>
Date: Sat, 20 Sep 2008 10:47:25 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 " A 0-day patch is a patch where the vulnerability is disclosed at the same day the patch is released by the vendor. The associated risk exposure, the Gray Risk is 0 days. " So, I'm reading some papers and finishing a talk for next week's OWASP conference in NYC. Specifically, I'm reading this: http://www.blackhat.com/presentations/bh-europe-08/Frei/Whitepaper/bh-eu-08-frei-WP.pdf . The first thing they do is make up a silly term. Now, we all have a tendency to do this - sometimes it's like trying to wade through a Scientology text to figure out someone's paper, between the "Heap Feng Shui" and the various references to OODA loops and Sun Tzu quotes. Honestly, it's got to stop. So next time you're in the process of trying to "coin" a term, just sit back and call the darn thing what it really is. - -dave P.S. on "Black/White/Grey Risk": Heck, "Kobold risk", "Orc Risk" and "Ogre risk" would at least have been retro geek cool. Or why not make "white risk" the risk you have when everyone else has the exploit but you are too whitehat to get access to it and "Black risk" the risk you have if you are a blackhat and you are using bugs everyone knows about? That would have been more accurate too! Also, shouldn't that have been a 1-day patch? :> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFI1Qz8tehAhL0gheoRAi4gAJ92sp9n3qhenOOr3x4jbPC+AwWv3wCfYQ1g 2MWPGMzEmobxcx78+9bVHmo= =5CbL -----END PGP SIGNATURE----- _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- For the love of Zeus stop making up silly terms! Dave Aitel (Sep 20)