Dailydave mailing list archives

Re: Exploits matter.


From: Matt Olney <molney () sourcefire com>
Date: Thu, 8 Oct 2009 21:26:22 -0400

OK...exploits are hard to develop.  But that doesn't make defense
easier.  In fact, I would anticipate it making it much, much harder.
As the bar rises, the organizations that can field the kind of
expertise that can correctly interpret the impact of various
vulnerabilities will shrink.  Many of those remaining (certainly not
all) will have a significant motivation not to share their information
(gov/mil/ngo/criminal).  This will make the problem of evaluating and
prioritizing patching even more of an issue.

I would also think that this might shift more of the burden to
software vendors, as an increasing percentage of disclosures will come
in the form of "in-the-wild" 0-day.  Users are then at the mercy of
software vendors to quickly and accurately patch issues.  I think it's
clear from the behavior of several vendors over the past year that we
have a long way to go in improving that response.  In some cases, a
very long way.

Matt

On Thu, Oct 8, 2009 at 8:51 PM, Fuzzy Hoodie-Monster
<mr.monkey () gmail com> wrote:
> On Wed, Oct 7, 2009 at 6:24 AM, Matt Olney <molney () sourcefire com> wrote:
>
>> Or, as I often put it, defense sucks.
>
> Except that Dave started this thread by saying how much harder it was
> to develop this exploit than in the old days.

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave