Re: Security Researcher Not Particularly Humiliated

["Mr Zebedee" <time4bed () gmail com>]

Boing!

Very true -- and I agree with the points your making. As a
counterbalance of sorts, keep in mind that some of us operate under a
pseudonym for entirely legitimate reasons, such as to distance oneself
from an employer for legal reasons, or to maintain an air of privacy.

I agree that attacking from under the cover of a pseudonym is
downright low. The industry needs people like Raven who are willing to
be front-and-center, since some of us cannot be. That said, it's a
shame that these individuals have to be exposed to humanity's
less-than-positive side.

Time for bed,
Zebedee.

On 4/10/07, jf <jf () danglingpointers net> wrote:
[snip]
> The same can be largely said about hiding behind layers of pseudonyms, it
> takes a bit of courage for people like Raven to come out in public, not so
> much because of the random few who would heckle, but because she makes
> herself visible and gives an identifiable location to attack; because she
> can potentially be a target. She was correct when she stated that '0-day
> happens', are any of you so confident in the quality of the code you run?
> It's an interesting industry we live and work in because even if you've
> reviewed every line of code in every application and operating system you
> run, chances are good you missed something, and the fact that many of the
> people choose to hide behind throw-away email addresses and shifting
> pseudonyms shows their lack of confidence in their own security, and that
> to me, is something that should warrant humiliation.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/