Full Disclosure mailing list archives
Re: [OT] Re: Quick Question
From: hellNbak <hellnbak () nmrc org>
Date: Mon, 17 Mar 2003 19:45:32 -0600 (CST)
[sorry for the flame war, but this more of the faq]
I wasn't aware that this was a flame war. Some are mature enough to debate a subject without resorting to such silly things.
I support my words that I don't do security work for the money. Of course I have to do something for living. Once again money is not sufficient incentive.
Care to actually back this argument up? It is clear that you, like most of us (there is nothing really wrong with it in my opinion) are a security consultant. You take what you enjoy and what you seem to be good at and make a living from it. There is nothing wrong with that as long as you are honest about it. Perhaps that is the problem.
The IETF just said "NO" to this.
Yes, and they did so based on some valid reasons but that does not take away from the need for a standard.
RFP can do whatever he wants with his 0days and I don't care. But his writings do not apply to me. btw, have not seen interesting stuff from RFP recently (don't have anything against him).
So you are saying that by being responsible or even having a standard somehow prohibits research? Wow, if that is truly the case I can see why you are so against a structured reporting policy.
From the above url: "There is no industry consensus on what constitutes best pratices for vulnerability disclosure" So what?
And your point is? You are right, there isn't a standard. But that doesn't mean that there shouldn't be one.
Have you read this: http://lists.netsys.com/pipermail/full-disclosure/2002-August/000822.html Free Hacker Manifest People seem to support this, you know.
Yes, some do. Again, highlighting the need for an accepted standard.
Also, if you use your 3l33t s34rching skills, you can find that in 98-99 microsoft publicly thanked me for the exactly the same behavior.
Judging by your opening lines, I think it is you Georgi who owns the 31337 s34rching skillz...... -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- "I don't intend to offend, I offend with my intent" hellNbak () nmrc org http://www.nmrc.org/~hellnbak -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- [OT] Re: Quick Question Georgi Guninski (Mar 17)
- Re: [OT] Re: Quick Question hellNbak (Mar 17)
- Re: [OT] Re: Quick Question Georgi Guninski (Mar 17)
- Re: [OT] Re: Quick Question hellNbak (Mar 17)
- Re: [OT] Re: Quick Question Georgi Guninski (Mar 17)
- Re: [OT] Re: Quick Question hellNbak (Mar 17)