Re: Fw: Full Disclosure != Exploit Release - No disclosure No Fix

[Blue Boar <BlueBoar () thievco com>]

yossarian wrote:
> Why do I get the feeling that we are running around in circles on these
> lists? Discussion just don't get settled, and the more experienced people
> get tired, and just lurk or leave.

Because we are going in circles.  Much of the full disclosure debate is 
based on opinions, assumptions, or gut feeling.  It's an incredibly complex 
topic, and we don't have near enough information to "prove" anyone's 
position.  It comes up all the time because something happens that seems to 
lend weight to someone's side, or because some new form of pain occurs that 
makes people question whether it's worth it.

I don't mind participating in an intelligent debate on it from time to 
time, but don't expect anything to really be resolved.  The kinds of 
studies that need to be done in this area are few and far between, and 
usually are to small in scope, due to lack of resources.

                                        BB

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html