Full Disclosure mailing list archives
Re: re: openssh exploit code?
From: Valdis.Kletnieks () vt edu
Date: Mon, 20 Oct 2003 11:13:38 -0400
On Mon, 20 Oct 2003 03:17:42 EDT, "S . f . Stover" said:
Not really - just interested in seeing what other people had found. I don't think that qualifies as "dependence". BTW, I thought "whitehat" implied non-disclosure, which isn't really the direction I'm coming from.
There are a number of full-disclosure white hats out there. Remember that the color of the hat denotes *motivations*, which are orthogonal to opinions regarding disclosure. Some white hats believe in full disclosure, because some places refuse to patch till they're shown an actual exploit, changing a threat from theoretical to real. Some white hats believe in non-disclosure, to keep exploits away from the skript kiddies. Some black hats believe in full disclosure, so they can hack systems and stay submerged under the noise of all the others using the exploit. Some black hats believe in non-disclosure, because they want to be the only ones able to use an exploit.
Attachment:
_bin
Description:
Current thread:
- Re: openssh exploit code?, (continued)
- Re: openssh exploit code? Daniel (Oct 13)
- Re: openssh exploit code? Peter Busser (Oct 13)
- Re: openssh exploit code? Ted Unangst (Oct 13)
- Re: openssh exploit code? Henning Brauer (Oct 13)
- Re: openssh exploit code? Shawn McMahon (Oct 13)
- Re: openssh exploit code? S . f . Stover (Oct 19)
- re: openssh exploit code? mitch_hurrison (Oct 20)
- Re: re: openssh exploit code? S . f . Stover (Oct 20)
- Re: re: openssh exploit code? John Sage (Oct 20)
- Re: re: openssh exploit code? S . f . Stover (Oct 20)
- Re: re: openssh exploit code? Valdis . Kletnieks (Oct 20)
- Re: re: openssh exploit code? S . f . Stover (Oct 20)
- Re: re: openssh exploit code? pandora (Oct 20)
- Re: re: openssh exploit code? Frank Knobbe (Oct 20)
- Re: re: openssh exploit code? Shawn McMahon (Oct 20)
- Re: re: openssh exploit code? S . f . Stover (Oct 20)