Re: A view askew?

[Dragos Ruiu <dr () kyx net>]

On November 28, 2004 11:00 pm, Dave Aitel wrote:
> I have to say, it's certainly odd that Microsoft was able to convince
> US-CERT, SANS, most of the major IDS vendors, and a few other people to
> not release alerts on the WINS bug, which came out last Thursday, until
> tommarow morning. It's not Thanksgiving anywhere but here, but all your
> security efforts were hamstrung by Microsoft to fit a US audience.

There were probably some important servers that needed to be owned before
the advisory came out and the team wanted to be home for turkey dinners... :-P

But seriously, this is probably conjecture. Thanksgiving might have played
a part in it, but every advisory process I know of has some checklist and 
notification order... and all of them try to synchronize all the relevant 
parties (though it _never_ seems to work 100% ever :-). All it would take
is one person taking an extra day off around Thanksgiving to induce 
delay if that person was a key point in that synchronization, or any 
similar kind of event, and that would explain the delay just as easily
as any conscious time gating.

It's probably wrong to ascribe somethign to malice and conspiracy
theories if it might be explainable by much more mundane
bureucratic or process issues...

But then again this wanders back to the philosophical controversy on whether 
slow controlled dissemination is in any way more preferrable than
flooding it as fast and widely as possible to dissolve the "Maximum 0day
Potential" as quickly as you can. And that debate has been hashed
out enough for me to call it a "religious debate."  :-)

Happy Thanksgiving.

cheers,
--dr

-- 
World Security Pros. Cutting Edge Training, Tools, and Techniques
Vancouver, Canada       May 4-6 2005  http://cansecwest.com
pgpkey http://dragos.com/ kyxpgp
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
https://lists.immunitysec.com/mailman/listinfo/dailydave