Full Disclosure mailing list archives
Re: Talk in #grsecurity
From: peter () devbox adamantix org (Peter Busser)
Date: Sat, 27 Mar 2004 13:12:16 +0100
Hi!
I was there and the conversation most certainly happened, in fact you can see when i joined in the pasted converstation. The reason the conversation was posted is because this is full disclosure where I assume at least the majority of people actually believe in full disclosure and people keeping vulnerabilities secret isn't exactly kosher. This in particular is what i'm refering to [22:40] <BlackNet> how many do you have that's not released? [22:41] <spender> 2 for exec-shield [22:41] <spender> 3 for systrace [22:41] <spender> 1 for DTE [22:41] <spender> ~10 for LIDS [22:42] <BlackNet> that's alot [22:42] <spender> oh [22:42] <spender> 3 i think for linsec [22:43] <BlackNet> all of these are non-reported? [22:43] <spender> correct So I ask grsecurity fans, why would you run the software of someone no better than the people trying to crack your machine? This is not responsible behaviour and shows a clear disregard for security and safety of others.
What I wonder is: Why would Brad specifically target exec-shield and Fedora? I mean, with 10 zero-day bugs, doesn't this mean that LIDS would be a much more easier target? It couldn't have anything to do with the way the people from the company behind exec-shield have treated people from competing projects, such as gr-security. Could it? FYI, I don't know Brad Spender. I am not a gr-security user and neither am I a gr-security fan. Although I can understand what he is doing, I don't approve of it. Groetjes, Peter Busser _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Talk in #grsecurity Ed Street (Mar 26)
- Re: Talk in #grsecurity andrewg (Mar 26)
- Re: Talk in #grsecurity andrewg (Mar 26)
- Re: Talk in #grsecurity Joshua Brindle (Mar 26)
- Re: Talk in #grsecurity Dave Aitel (Mar 26)
- Re: Talk in #grsecurity Joshua Brindle (Mar 26)
- Re: Talk in #grsecurity Peter Busser (Mar 27)
- Re: Talk in #grsecurity Joshua Brindle (Mar 26)
- <Possible follow-ups>
- Re: Talk in #grsecurity Henk Stubbe (Mar 26)
- Re: Talk in #grsecurity Valdis . Kletnieks (Mar 26)
- Re: Talk in #grsecurity Peter Busser (Mar 27)
- Re: Talk in #grsecurity Valdis . Kletnieks (Mar 26)