Full Disclosure mailing list archives
Lazy bum approach to security
From: andrew.wallace <andrew.wallace () rocketmail com>
Date: Sat, 29 Nov 2008 18:16:45 +0000
On Wed, Nov 26, 2008 at 5:49 PM, Mike C <mike.cartall () gmail com> wrote:
I'm sure theres no reason to doubt that. The fact remains full-disclosure is where it all happens.
You're taking yourself into a false sense of security there. If you sit on a mailing list like full-disclosure and expect everything to be brought to you on a plate you are mistaken. You can't take the lazy bum approach to security and say, everything I need to know is on full-disclosure. From my experience the majority of stuff goes on in the underground communities, full-disclosure is only essentially an announcement list, the rest is going on in individual communities. What you need to do is get yourself dug into the underground communities, you need to get yourself informants and build relationships with members of communities, you _really_ can't sit on full-disclosure and expect every security community and hacker community to bring everything to you. I'm not talking about the n3td3v group here because luckily I forward the key stuff to full-disclosure for the lazy bums who can't be bothered to engaged in individual communities and their members. Let me say though, the real intelligence isn't on full-disclosure its elsewhere. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Lazy bum approach to security andrew . wallace (Nov 29)
- <Possible follow-ups>
- Re: Lazy bum approach to security Some Guy Posting To Full Disclosure (Nov 29)