Full Disclosure mailing list archives
Re: Keep Gadi Evron off Bugtraq
From: "worried security" <worriedsecurity () googlemail com>
Date: Sun, 23 Sep 2007 00:36:45 +0100
On 9/22/07, Joel R. Helgeson <joel () helgeson com> wrote:
Everyone knows who Gadi is, so by definition, Gadi **is** high profileā¦ I happen to agree with Gadi, that a 0day is the day an EXPLOIT is RELEASED, where such exploit also serves as the ONLY vendor notification of a bug being discovered. Every adult on this list understands the definition, but the kids can't seem to grasp the not-so-subtle nuance between a 0day and the discovery of a bug in someone else's code. This supposedly serious disclosure you refer to is a non-event, there was a "press release" about a supposedly serious flaw in PDF, there were no details, so therefore it doesn't even count as disclosure of a vulnerability. -joel
Calling someone a kid who just released a major disclosure isn't helpful in the bigger picture of extracting relevant information from the person, or hearing from others with insightful information on-topic with the exploitation of PDF. Calling someones major disclosure "a non event" isn't helpful in the bigger picture of extracting relevant information from the person, or hearing from others with insightful information on-topic with the exploitation of PDF. Calling someones subject title inappropriate because its called "0day" isn't helpful in the bigger picture of extracting relevant information from the person, or hearing from others with insightful information on-topic with the exploitation of PDF. Bugtraq moderators, please keep irrelevant conversation out of important disclosures in future, where knowing relevant, on topic information is mission critical to why people use your mailing list. Its not a kiddy flame, I have no grudges with Gadi Evron, there is just a time and place for pissy conversation about buzzwords, and putting it in that particular thread just to teach the poster a lesson about buzzwords isn't cool. For all you know, because the thread ended up over run with buzzword conversation, you could have made the original poster not want to post relevant information, or hearing from others with insightful information on-topic with the exploitation of PDF. What the hell are these Bugtraq moderators doing with their day, have they simply lost sight and focus themselves? Its funny from a company calling themselves "Security + Focus" to allow someone to totally train wreck what would of, could of been an interesting, insightful, relevant conversation about the topic "We have a PDF flaw which can own Windows". Instead, it turned into "Why Gadi Evron thinks this disclosure is named wrongly", dude no one cares, its Bugtraq man, don't lose focus. Keep your industry leading buzzword police conversation for elsewhere. Keep Gadi Evron off Bugtraq, Unless he comes up with something which helps solve the mission critical, a 0-day PDF flaw, which we were all wanting more information about for whitehat purposes. What I want from Bugtraq: Stay mission critical, if someone posts about PDF flaw, then only accept reply posts about PDF. Don't allow someone to go off mission critical just because they are well known. Actually read your list description when moderating Bugtraq, mission critical is important to the rest of us who aren't trying to be buzzword pioneers, which if you know Gadi from other lists. is his own mission critical, but its not everyone elses interest, so keep him off Bugtraq. I think I have made myself clear, and yes I could have went into the PDF thread and ranted and raved about Bugtraq moderators, but my name isn't Gadi Evron, so I started my own thread to tell him he and his Bugtraq moderator supporters are idiots and runing Bugtraq for everyone else. Whats the point in moderating Bugtraq after that thread, sigh... it didn't look like a moderated conversation at all, it looked like a Bugtraq moderator was sleeping at the wheel.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Keep Gadi Evron off Bugtraq worried security (Sep 22)
- Re: Keep Gadi Evron off Bugtraq worried security (Sep 22)