Dailydave mailing list archives
Re: The lack of hard questions
From: Charles Miller <cmiller () securityevaluators com>
Date: Wed, 27 Aug 2008 17:43:43 -0500
But the problem is, if there are only a handful of people who can make a reliable exploit for a particular vulnerability (or not) and none of them work for MS, how can MS accurately determine whether an exploit for a particular vulnerability will be somewhat reliable or totally reliable (or not possible at all)? Doesn't anyone remember gobbles :) On Aug 27, 2008, at 4:55 PM, Valdis.Kletnieks () vt edu wrote:
On Wed, 27 Aug 2008 09:05:42 EDT, Pusscat said:My assumption would be that if it can be made reliable by anyone, then it's reliable. It probably shouldn't be a quantum value, collapsed by our inability ;)Yes, it only has to be weaponized once.
_______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- The lack of hard questions Dave Aitel (Aug 26)
- Re: The lack of hard questions security curmudgeon (Aug 26)
- Re: The lack of hard questions Dave Aitel (Aug 26)
- Re: The lack of hard questions Mike Reavey (Sep 01)
- Re: The lack of hard questions dan (Sep 02)
- Re: The lack of hard questions Dave Aitel (Aug 26)
- Re: The lack of hard questions security curmudgeon (Aug 26)
- Re: The lack of hard questions Charles Miller (Aug 26)
- Re: The lack of hard questions Pusscat (Aug 27)
- Message not available
- Re: The lack of hard questions Charles Miller (Sep 01)
- Re: The lack of hard questions ergosum (Sep 01)
- Re: The lack of hard questions Charles Miller (Sep 02)
- Re: The lack of hard questions Matt (Sep 03)
- Re: The lack of hard questions Pusscat (Sep 03)
- Re: The lack of hard questions Pusscat (Aug 27)
- Re: The lack of hard questions Matthieu Suiche (Sep 02)
- Re: The lack of hard questions Charles Miller (Sep 03)
- Re: The lack of hard questions Trygve Aasheim (Sep 03)