Full Disclosure mailing list archives

Re: pissed off

From: Melvyn Sopacua <msopacua () idg nl>
Date: Sat, 26 Apr 2003 10:51:20 +0200

At 17:50 25-4-2003, Valdis.Kletnieks () vt edu wrote:

On Thu, 24 Apr 2003 23:36:22 CDT, cyn0n () myrealbox com  said:
> greets-
>   Is anyone else pissed off at stupid shit like this flying around lists
> that are supposed to be respectable? Arguing over this type of stuff and
> even reporting this is just the most stupid fucking thing I've ever
> seen.

Umm.. I've seen lots of stupid shit on lists, but I have to disagree with
your assessment of this as "stupid shit".  We have the following:


[ snip i18n note ]

1) somebody (badpack3t? attrib/quoting lost) posts a vulnerability
in Xeneo.

2) Tamer Sahin posts that it was a known thing already posted, and that
people shouldn't post without searching first.  Quite politely phrased
and good advice.

3) badpack3t posts back saying that this vulnerability is a new and different

one, and asks for clarification from Tamer of why he thinks it's the samehole.

Everybody is being mostly civil, and there's a definite lack of any ad-hominem
attacks.  If badpack3t *has* found a different hole, then he certainly
deserves credit for it, and Tamer owes him a "Sorry, you're right, that's
a different hole".


If you try objectify the conversation do it well:
1) vuln post
2) Hey, that's mine, I own that and you are violating copyright law
3) That's a different hole, unless I'm mistaken.

The stupid part, which has been annoying me as well, is nr. 2.

The focus in part 2 is not the vulnerability, but a psychological defect inTamerSahin's selfesteam, accompanied with legal crap about owning rights todiscoveries

of other people's mistakes.

What IS that copyright stuff anyways? Are we now 'legally owning karma'? Iscredit

for a vulnerability profitable? Can you borrow money on your 'stock of legally

owned vulnerability advisories'? Or is it yet another reason to sue thehell outofcompetitors, for reasons of 'loss of possible income, derived from thepublicity'?


I don't work for a security company, so please explain.


Met vriendelijke groeten / With kind regards,

Webmaster IDG.nl
Melvyn Sopacua

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Xeneo Webserver Vulnerability Tamer Sahin (Apr 23)
- Re: Xeneo Webserver Vulnerability Jakob Balle (Apr 23)
  - Re: Xeneo Webserver Vulnerability badpack3t (Apr 23)
- <Possible follow-ups>
- Re: Xeneo Webserver Vulnerability badpack3t (Apr 23)
  - pissed off cyn0n (Apr 24)
    - Re: pissed off Valdis . Kletnieks (Apr 25)
    - Re: pissed off Melvyn Sopacua (Apr 26)
    - Re[2]: pissed off Tamer Sahin (Apr 26)
    - Re: Re[2]: pissed off Knud Erik Højgaard (Apr 26)
    - Re: Re[2]: pissed off Cedric Blancher (Apr 26)
    - Re: Re[2]: pissed off Halil Demirezen (Apr 27)
    - Re: Re[2]: pissed off badpack3t (Apr 26)
    - Re: Re[2]: pissed off Halil Demirezen (Apr 27)
    - Re: Re[2]: pissed off Steve (Apr 28)
    - Re: Re[2]: pissed off madsaxon (Apr 28)