Security Basics mailing list archives

Re: [Dailydave] Hyenas of the Security Industry


From: Ansgar Wiechers <bugtraq () planetcobalt net>
Date: Mon, 21 Jun 2010 22:09:25 +0200

On 2010-06-18 andrew.wallace wrote:
> In reply to
> http://lists.immunitysec.com/pipermail/dailydave//2010-June/006130.html
>
> What he did was cyber terrorism, the same as all the other
> researchers have been doing for a long time... inciting cyber attacks
> through a disclosure release, to force a vendor to change policy by
> pressure of cyber attacks created by the disclosure.
>
> It's expected researchers will stick up for other researchers and not
> believe they are doing anything wrong and believe their actions
> improve security, they don't.

So, basically you're saying that security is actually improved by
vendors not patching severe vulnerabilities for years?

Well, here's news for you: as long as vendors refuse to fix their
screw-ups in a timely fashion (just in case you didn't notice: people
paid them good money for their not-so-good-after-all software), I
consider it quite acceptable for every unpatched vulnerability to
explode right into their faces.

It's the vendors who create the problem in the first place, not the
messenger reporting the problem.

Regards
Ansgar Wiechers
-- 
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq
