Full Disclosure mailing list archives

Re: To anybody who's offended by my disclosure policy


From: kf_lists <kf_lists () secnetops com>
Date: Sat, 27 Nov 2004 01:16:29 -0500

Gadi Evron wrote:

> He is not a messenger, he is the executioner.

Nah... it's more like Microsoft is one of the executioners... they lead all the sheep to slaughter every time they release a new piece of software. Skylined just reminded you of where they are taking you.

> How? How is he doing me a favor and why don't I have a problem with other people who release vulnerabilities? You don't need a sixth sense to guess that.

Hrmm... stop using their crappy products. Bitch at support staff / general managers / QA team members. Hrmm, go get a friggin petition signed, boycott them. I don't really care how you hold them accountable, just stop bending over, spelling RUN out loud and then bitching at Skylined when you get screwed.

He's doing you a favor because, like half of the other folks on this list, you were originally led to believe that this <insert bug name here> was nothing to worry about. He did you a favor because now, while your vendor is claiming they knew nothing about it and doing the standard PR BS, your AV vendor now has signatures and your IDS install can let you know you just got owned. He is the person that showed you that this nonexistent threat in reality was a threat. Maybe I am missing something.

You don't have a problem with other researchers because some of them are sheep of the same herd you flock in. Perhaps it's because you sat in the dark, vulnerable for months on end, and had no clue that you had the potential of getting owned. You just got a little more comfort because you were notified that a patch was available at the same time you found out your browser was just a big pile. In reality you were a sitting duck like a lot of other folks.

Just because a bug is not public or just because the vendor does not know about it certainly does not imply that someone else has not already found it and begun exploiting it. Wake up and smell the napalm.

> Gadi.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

