Full Disclosure mailing list archives
Re: Fwd: fuck symantec & boycott bugtraq
From: Blue Boar <BlueBoar () thievco com>
Date: Thu, 09 Jan 2003 12:55:06 -0800
ohnonono () hushmail com wrote:
-----BEGIN PGP SIGNED MESSAGE----- I am sorry I was not clear because i was angry. Symantec has conviently removed all the exploits from the database. How can you trust someone who lies? http://online.securityfocus.com/bid Where are the exploits? Not like that is going to really stop any script kiddies or hackers anyway. It just goes to shows you cant trust symantec (something most of us knew anyway).
Thanks for clarifying. Indeed you are correct. The "exploit" tab has been entirely removed. Interestingly, at least some of the exploit files are still there:
http://216.239.33.100/search?q=cache:9Fbx2EFZanAC:online.securityfocus.com/bid/1780/exploit/ http://216.239.33.100/search?q=cache:Qjh1bVr7VFYC:online.securityfocus.com/bid/4485/exploit/I wonder if the files being left available is simply an oversight that hasn't been addressed yet. I wonder if they were left available intentionally because the commercial vulnerability database customers still get access to the exploits, and possibly their version of the vulnerability database entries still include the exploit section that links to those files.
When I was working there, we would occasionally be accused of "selling exploits". Other people's exploits, to be more specific. I never felt that the accusation was accurate, because of the fact that the exploits were made available to the public, and SecurityFocus was simply acting as an archive. If they have removed them from public view, and are still keeping them around for the paying customers, then perhaps that accusation is now valid.
Used to be that if an exploit writer didn't want their exploit saved for posterity on securityfocus.com, they could ask, and it would be removed. I guess now one will have no way of knowing if it's there or not.
BB
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Fwd: fuck symantec & boycott bugtraq ohnonono (Jan 09)
- Re: Fwd: fuck symantec & boycott bugtraq Blue Boar (Jan 09)
- <Possible follow-ups>
- Re: Fwd: fuck symantec & boycott bugtraq ohnonono (Jan 09)
- Re: Fwd: fuck symantec & boycott bugtraq Blue Boar (Jan 09)
- Re: Fwd: fuck symantec & boycott bugtraq Faulty (Jan 10)
- Re: Fwd: fuck symantec & boycott bugtraq Brian McWilliams (Jan 10)
- Re: Fwd: fuck symantec & boycott bugtraq Blue Boar (Jan 10)
- Re: Fwd: fuck symantec & boycott bugtraq Ken Dyke (Jan 11)
- Re: Fwd: fuck symantec & boycott bugtraq Nick Jacobsen (Jan 11)
- Re: Fwd: fuck symantec & boycott bugtraq Roland Postle (Jan 11)
- SF archive Nicob (Jan 11)
- Re: Fwd: fuck symantec & boycott bugtraq Blue Boar (Jan 09)
- Re: Fwd: fuck symantec & boycott bugtraq Blue Boar (Jan 10)
- Re: Fwd: fuck symantec & boycott bugtraq Dave Aitel (Jan 10)