Full Disclosure mailing list archives
openssl exploit code
From: BlueBoar () thievco com (Blue Boar)
Date: Mon, 16 Sep 2002 20:53:33 -0700
Solar Eclipse wrote:
Whose interests is a full disclosure mailing list supposed to serve? Those of blackhats who prefer to keep all 0dayz private, or those of system administrators and security professionals who need information about the latest exploits?
Bugtraq has always tried to do the latter.
The fact is that Dave Ahmad is in a possession of an exploit for OpenSSL and is currently withholding it from the security community. Maybe his corporate masters fear litigation. Or it could be that he is concerned about my feelings. Even TESO didn't get that kind of treatment, this makes me feel so special.
TESO got that kind of treatment once, and they whined and threatened, and therefore the list moderators were obliged to check when it was obvious that someone besides the author was posting some code. The vuln-dev list had to do the same.
Doesn't this make anybody else uncomfortable?
That's what anonymous remailers and unmoderated forums are for.
Are you going to subscribe to a full disclosure mailing list whose moderator puts Intellectual Property or Corporate Interests before the security of your system?
Heh. Dave is protecting your interests and respecting your wishes in this case. Seems strange to fault him for that. :)
After a few more corporate mergers and takeovers, are you going to send your 0dayz to bugtraq () microsoft com ? And wait 45 days for moderator approval?
It wouldn't matter. The people who use Bugtraq would simply go elsewhere. Far be it from me to suggest that people not try to keep Symantec honest, but I think it's a little unreasonable to cry censorship for this particular reason. BB
Current thread:
- openssl exploit code Solar Eclipse (Sep 16)
- openssl exploit code hellNbak (Sep 16)
- openssl exploit code Solar Eclipse (Sep 16)
- openssl exploit code hellNbak (Sep 16)
- openssl exploit code Solar Eclipse (Sep 16)
- openssl exploit code Blue Boar (Sep 16)
- openssl exploit code Florian Weimer (Sep 17)
- openssl exploit code hellNbak (Sep 17)
- openssl exploit code Florian Weimer (Sep 17)
- openssl exploit code Isaak Bloodlore (Sep 17)
- openssl exploit code Ken Pfeil (Sep 17)
- openssl exploit code Solar Eclipse (Sep 16)
- openssl exploit code Jonathan Rickman (Sep 17)
- openssl exploit code hellNbak (Sep 17)
- openssl exploit code Georgi Guninski (Sep 17)
- openssl exploit code hellNbak (Sep 16)
- openssl exploit code Isaak Bloodlore (Sep 17)