Full Disclosure mailing list archives
Re: HP Full Disclosure Story
From: full-disclosure () lists netsys com (Defender Defender)
Date: Sat, 24 Aug 2002 22:09:57 +0000
Just take a look at real world. When you buy a beer or a car and then find a bug in it, you may disclose the bug as you wish. (As bonus, both beer and cars come with > warranties, unlike warez).
- We dont talk of simple bugs here. We talk of vulnerabilities. - Up to the client to select vendors that provide warranty. Free market.
So what makes beer and cars so different than warez?
Not much different. The difference lies in simple bug (that sometimes compromise the very functionality of the software), and vulnerability (rarely compromises functionality, but could become risk under presence of someone capable of exploiting it).
Or are you suggesting that if someone gets poisoned by a single buggy beer, they keep quiet for thirty days so the beer maker fix the bug silently?
In this case, the threat arises from the very act of drinking the beer. There is no relation between the disclosure and the threat. Again, we dont talk of the same problem. But I believe you know that (guess you are a brillant person), you just lack the honesty of presenting a valid analogy that could make you loose the argumentation... _________________________________________________________________ Join the worlds largest e-mail service with MSN Hotmail. http://www.hotmail.com
Current thread:
- Re: HP Full Disclosure Story, (continued)
- Re: HP Full Disclosure Story KF (Aug 23)
- Re: HP Full Disclosure Story Georgi Guninski (Aug 24)
- Re: HP Full Disclosure Story Kurt Weiske (Aug 24)
- Re: HP Full Disclosure Story Isaak Bloodlore (Aug 24)
- Re: HP Full Disclosure Story hellNbak (Aug 24)
- Re: HP Full Disclosure Story Charles Stevenson (Aug 26)
- Re: HP Full Disclosure Story KF (Aug 26)
- Re: HP Full Disclosure Story KF (Aug 26)
- Re: HP Full Disclosure Story Anthony DeRobertis (Aug 25)