Full Disclosure mailing list archives
Re: defining 0day
From: <full-disclosure () hushmail com>
Date: Wed, 26 Sep 2007 07:03:57 -0400
What gives any of you the right to define 0day? Let's leave defining 0day to those who can produce 0day. This is not you, Gadi and fat jewman cheerleaders. WMF, ANI, etc. On Tue, 25 Sep 2007 23:38:41 -0400 scott <redhowlingwolves () bellsouth net> wrote:
This make sense,but if we can't even agree on what the public perceives as a threat that they know nothing about,until a patch comes out or a full blown exploit shows up ITW (such trivial bullshit),how can we even say that we agree on the terms like disclosure,vulnerability,etc,etc,etc. How about we all agree that certain things can have different terms that mean the same thing.It's all semantics,really.I'm not going to go to New Orleans and tell them they speak English all wrong,although an English professor might try. Would he get anywhere?Very doubtful.Same thing applies here. Cheers, Scott Gadi Evron wrote:On Wed, 26 Sep 2007, Charles Miller wrote:On 26/09/2007, at 5:02 AM, Gadi Evron wrote:Okay. I think we exhausted the different views, and maybe weare nowable to come to a conlusion on what we WANT 0day to mean. What do you, as professional, believe 0day should mean,regardlessof previous definitions?As a professional, I would be happy to see terms like '0day'banishedfrom the lexicon entirely. It's an essentially meaningless --allthird-party exploits are zero-day to _somebody_ -- term ofboastco-opted from the warez scene, and we can do perfectly wellwithout it.Quibbling over its precise definition seems a ridiculous wasteof bytes.It would if we are to stay stuck in our niche, but you need to remember - security is about niches, we are all experts -- butin veryspecific fields. These past 2 years we faced multiple targeted attacks withpreviouslyunknown vulnerabilities. We experience MASSIVE exploitation ofuserswith 0days used on web sites and ine mail, etc. As an industry, as professionals, it is time to get our acttogetheron the basics. I am operations manager for ZERT, and for me, this is indeed atthevery heart of the matter. How you define this silliness isdirectlylinked to how you do two of the most essential parts ofsecurity:1. Vulnerability disclosure - for researchers. 2. Incident response - for.. responders. If a vulnerabiliy is fully disclosed, unpatched, being actively exploited, etc. caused real confusion, and non of us, or any ofthewritten material, can agree on the basics. It's not about fighting on what 0day means as much as it isabout howwe as an industry, a community, conduct ourselves and can reachacommon language, which directly impacts operations. So, if WMF was disclosed today after being actively exploiteditw fora while, what would you call it? How would you respond to it?How longwould it stay unpatched and when will you realize itsimportance?CGadi._______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
-- See the stunning beauty of Europe via rail. Click now for more info! http://tagline.hushmail.com/fc/Ioyw6h4ePdgpQ0gi2SdQYv2g15h5odGclgmE3zKiwgw13bfagoeaxC/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: defining 0day Throwaway1 () columbus rr com (Sep 25)
- Re: defining 0day gjgowey (Sep 25)
- Re: defining 0day scott (Sep 25)
- <Possible follow-ups>
- Re: defining 0day full-disclosure (Sep 26)
- Re: defining 0day full-disclosure (Sep 26)
- Re: defining 0day Awful Disclosure (Sep 29)
- Re: defining 0day Jimby Sharp (Sep 29)
- Re: defining 0day gjgowey (Sep 25)