Full Disclosure mailing list archives
Re: Security & Obscurity: First-time attacks and lawyer jokes
From: Georgi Guninski <guninski () guninski com>
Date: Thu, 2 Sep 2004 22:26:22 +0300
On Thu, Sep 02, 2004 at 12:24:29PM -0400, Peter Swire wrote:
...... In talking with people who write software, however, I was repeatedly struck by their observation that it takes considerable hard work and expertise to find new vulnerabilities....................
darling, you are missing the point. i can't sing, but this does not make singing a hard (NP) problem. what do you expect, the developers to say: "we are so fuckingly lame, so any nonstandard kid from a third world country can fuck us hard"?. for the sake of the argument, let's assume there are as low as 10^6 bugs in m$ warez. to take over the world (and in particular any target thereof) a kid needs as low as 10^2 or even 10 or even 1 exploits. any "real world" ('tm' of god) analogies? -- It's better to be a pirate than join the navy. -- steve jobs _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- New paper on Security and Obscurity Peter Swire (Aug 31)
- Re: New paper on Security and Obscurity gadgeteer (Sep 01)
- Re: New paper on Security and Obscurity Dave Aitel (Sep 01)
- Re: New paper on Security and Obscurity gadgeteer (Sep 01)
- Re: New paper on Security and Obscurity stephane nasdrovisky (Sep 01)
- Re: New paper on Security and Obscurity stephane nasdrovisky (Sep 01)
- Re: New paper on Security and Obscurity Barry Fitzgerald (Sep 01)
- RE: Response to comments on Security and Obscurity Peter Swire (Sep 01)
- RE: Response to comments on Security and Obscurity Dave Aitel (Sep 01)
- Security & Obscurity: First-time attacks and lawyer jokes Peter Swire (Sep 02)
- Re: Security & Obscurity: First-time attacks and lawyer jokes Georgi Guninski (Sep 02)
- Re: Security & Obscurity: First-time attacks and lawyer jokes Honza Vlach (Sep 03)
- Re: Security & Obscurity: First-time attacks and lawyer jokes Dave Aitel (Sep 02)
- Re: Security & Obscurity: First-time attacks and lawyer jokes Mr. Rufus Faloofus (Sep 02)
- RE: Response to comments on Security and Obscurity Peter Swire (Sep 01)
- Re[2]: Response to comments on Security and Obscurity 3APA3A (Sep 01)
- Re: Re[2]: Response to comments on Security and Obscurity James Tucker (Sep 01)
- Re: Response to comments on Security and Obscurity Barry Fitzgerald (Sep 01)
- Re: Response to comments on Security and Obscurity James Tucker (Sep 02)
- Re[4]: Response to comments on Security and Obscurity 3APA3A (Sep 02)
- Re: Re[4]: Response to comments on Security and Obscurity James Tucker (Sep 02)
- Re[6]: Response to comments on Security and Obscurity 3APA3A (Sep 02)