Full Disclosure mailing list archives
Re: Internet Explorer 0day exploit
From: "T Biehn" <tbiehn () gmail com>
Date: Tue, 24 Jul 2007 20:01:26 -0400
How does DNS work again, Gadi? On 7/14/07, Gadi Evron <ge () linuxbox org> wrote:
On Sat, 14 Jul 2007, Dragos Ruiu wrote: > On Tuesday 10 July 2007 08:53, Gadi Evron wrote: >> To paraphrase Guninski, this is still not a 0day. It is a vulnerability >> being disclosed. > > You're being pedantic Gadi. :-) > > We have to accept the term "0day" has passed into > the realm of meaningless nebulousness along with > "hacker" and other misused terms. > > If we are to be pedantic, the original meaning of > 0day is new warez release :-). I think there is still hope for us buddy, at least when professionals make releases. For example, instead of saying I'm being pedantic on this (which I am), you could (also, in addition) reply and say "yep" or "nope", thus contributing to some discussion. Meaning, we would either make a stand for our profession or at the very least get educated as we go along. Some people believe the way to reach a "mature industry" is time, others believe it's training or in a more specific fashion, certifications. I don't know what the answer is, and I am sure it isn't terminology (or certifications, hehe). I do know though, what a 0day is, and don't intend to compromise it for the sake of what the press makes of it. It's a strong term and concept which shouldn't be abused. That or we can decide on a new term for what 0day used to mean. How about "blubla"? >From professionals, we can expect good language and for their work to speak for them. We shouldn't compromise on silly things like what 0day means. Maybe I will give this up next year, but for now, advisories named "0day" have disapeared lately. Maybe peer pressure does have some effect. The above is over-thinking and some could consider it very silly, but for now, I believe in it. It's just like I resent those among consultants who conduct themselves in a fashion that makes me ashamed of my profession, as a far-off analogy. > cheers, > --dr > > -- > World Security Pros. Cutting Edge Training, Tools, and Techniques > Tokyo, Japan November 29/30 - 2007 http://pacsec.jp > pgpkey http://dragos.com/ kyxpgp > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Internet Explorer 0day exploit Thor Larholm (Jul 09)
- Re: Internet Explorer 0day exploit Gadi Evron (Jul 10)
- Re: Internet Explorer 0day exploit Dragos Ruiu (Jul 14)
- Re: Internet Explorer 0day exploit Dude VanWinkle (Jul 14)
- Re: Internet Explorer 0day exploit Gadi Evron (Jul 15)
- Re: Internet Explorer 0day exploit Anupam Mishra (Jul 24)
- Re: Internet Explorer 0day exploit T Biehn (Jul 24)
- Re: Internet Explorer 0day exploit Dragos Ruiu (Jul 14)
- Re: Internet Explorer 0day exploit Gadi Evron (Jul 10)
- <Possible follow-ups>
- Re: Internet Explorer 0day exploit Paul Szabo (Jul 10)
- Re: Internet Explorer 0day exploit LIUDIEYU dot COM (Jul 10)