Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: W2K source "leaked"?

From: Gadi Evron <ge () egotistical reprehensible net>
Date: Fri, 13 Feb 2004 19:51:18 +0200
As for your comments on zero day, I have some strong opinions on that:

First, I recall two massive zero day exploits being used last year. One
in IE being used by spammers and one in IIS.


Two out of how many?



We should expect this trend to advance exponentially, I would think,
just considering the amount of people coming online, the natural
progression of security, the infiltration time required for the market
to meet the demand and such other natural factors. 

That's the future, not the present. :)



Read: organized crime, corrupt governments and corporations and such...
have yet to really understand the unorthodox ways of bugfinding or the
power of the field. But that they will... That is simply a force of
nature. It is inevitable.
Why would organized crime (etc.) chose to make such exploits in their arsenal public? 


We should prepare for this now.

But, like most events similar to this in history, we won't. Or, we won't
do a very good job of it. Maybe others are more optimistic.



Of course we will, after-the-fact. :)

        Gadi Evron.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: