Full Disclosure mailing list archives
Re: Exploit release
From: Martin Bealby <mxb285 () bham ac uk>
Date: Mon, 05 Apr 2004 08:39:08 +0100
On Mon, 2004-04-05 at 01:05, J.A. Terranson wrote:
2 on the Troll-O-Meter. Thanks for playing though.
Hey, I wasn't trying to troll. I was actually seriously thinking about it. Being relatively new to the security scene I thought it was a valid question. I know the list has degraded somewhat over the past few months but you don't have to have a go at me just for asking a question. I thought the full-disclosure list would be the most appropriate place to ask this sort of question, as I know the majority of the people on this list use sensible disclosure techniques such as RFPolicy. However, if you go to a developer and say 'here is an exploit, you have X days to fix it until I go public', couldn't this be twisted into some sort of blackmail? I'm just trying to think everything through before I start my own research. Cheers, Martin
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- Exploit release Martin Bealby (Apr 04)
- Re: Exploit release J.A. Terranson (Apr 04)
- Re: Exploit release Martin Bealby (Apr 05)
- Security / Privacy regulations USA/EU/AU n30 (Apr 06)
- Re: Security / Privacy regulations USA/EU/AU Paul Schmehl (Apr 06)
- Re: Exploit release J.A. Terranson (Apr 04)