Full Disclosure mailing list archives
RE: Re: Second critical mremap() bug found in all Linux kernels
From: "Geo." <geoincidents () getinfo org>
Date: Thu, 19 Feb 2004 08:38:59 -0500
Yes but it doesn't mean that we have to deliver tools any script kiddie
can take and go ahead for hacking!<< I submit to the security industry that this is exactly what is required. Allow me to explain. Without worms, virus, and hacking, exactly what reason would the masses of high bandwidth home machines have to patch? What would motivate the armies of lazy computer owners to lock their machines down so that the internet is not at risk of someone using known exploits to build an army of floodbots and take control of the internet flooding off anyone who opposes them? It is a very real danger that we have already seen beginning and if security is not a concern then how do we protect ourselves from this sort of thing happening? One solution is report exploits, allow vendors sufficient time to create and test patches, allow the masses sufficient time to apply those patches, then release point and shoot exploit code so that the remaining unpatched machines are now at a very real risk. Provide script kiddie tools that don't allow control but do allow you to effect just the exploitable box by perhaps coding them to make it easy to shutdown the box (high annoyance factor but not perm damage). This provides the motivation to secure the world network so that the number of exploitable boxes doesn't reach such a level that no segment is safe. Digital Darwinism. Geo. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Re: Second critical mremap() bug found in all Linux kernels, (continued)
- Re: Re: Second critical mremap() bug found in all Linux kernels Paul Starzetz (Feb 18)
- Re: Re: Second critical mremap() bug found in all Linux kernels Christophe Devine (Feb 18)
- Re: Re: Second critical mremap() bug found in all Linux kernels Gregory A. Gilliss (Feb 18)
- Re: Re: Second critical mremap() bug found in all Linux kernels i.t Consulting (Feb 19)
- Re: Re: Second critical mremap() bug found in all Linux kernels Michael Graham (Feb 18)
- Re: Re: Second critical mremap() bug found in all Linux kernels Diego Calleja (Feb 18)
- RE: Re: Second critical mremap() bug found in all Linux kernels Replugge[ROD] (Feb 18)
- RE: Re: Second critical mremap() bug found in all Linux kernels Chris Anley (Feb 18)
- RE: Re: Second critical mremap() bug found in all Linux kernels Replugge[ROD] (Feb 18)
- RE: Re: Second critical mremap() bug found in all Linux kernels Paul Starzetz (Feb 19)
- RE: Re: Second critical mremap() bug found in all Linux kernels Geo. (Feb 19)
- Re: Re: Second critical mremap() bug found in all Linux kernels Dave Howe (Feb 19)
- Re: Re: Second critical mremap() bug found in all Linux kernels Paul Schmehl (Feb 19)
- Re: Re: Second critical mremap() bug found in all Linux kernels John Galt (Feb 19)
- Re: Re: Second critical mremap() bug found in all Linux kernels Paul Schmehl (Feb 19)
- Re: Re: Second critical mremap() bug found in all Linux kernels Paul Starzetz (Feb 18)