Vulnerability Development mailing list archives
Re: Hellvisory #0001!
From: ras () SLARTIBARTFAST MAGRATHEA COM (Robert A. Seace)
Date: Thu, 10 Feb 2000 10:41:53 -0500
In the profound words of Denny:
I think this isn't the right place for "pseudo-hacking" information because (most of) the poeple here in VULN-DEV are working hard to provide serious information and of course to receive servious information .
I don't see why the advisory in question was any less "serious" than anything else posted here...
Further this mailinglist is named "vuln-dev" 'cause vulnerabilities are found and exploit-code will be generated which should be helpful for persons who use buggy Sorfware ...
Right... And, how many use the buggy software (or, at least buggy practices) obviously in use at NSI for verifying domain info changes? I don't see how this is any different...
In the name of the serious people here I could say that noone (seroius) here is interrested in personal engineering or in stealing other peoples domains ...
Please speak for yourself only, and don't presume you represent a group larger than 1... You could use your same argument against ANY topic discussed here: "I don't think anyone is interested in such-and-such CGI flaw, because we serious people don't care about breaking into other people's web sites"; "I don't think anyone is interested in such-and-such buffer overflow, because we serious people don't care about taking over other people's computers"; etc... Using your arguments, this list would be completely silent, with a bunch of "serious people" (whatever they are supposed to be) sitting around and all not talking about anything... If that's the kind of list you want, why not create your own, and call it "SeriousPeople" or something... But, personally, I like this list the way it is... And, while I didn't particularly give a shit about the advisory in question either, I don't think it was off-topic for the list, or at all inappropriate... It was pointing out some legitimate weaknesses in how NSI handles such domain changes... I don't think it necessarily warrented a whole long advisory like that (especially since the issue has been well-covered plenty of times before, already), but so what? If I didn't want to read it, I don't HAVE to... And, maybe SOMEONE out there didn't already know about such things, and this helped enlighten them to the risks... *shrug* In short, it was no more out of place than any other message I've seen around here... (I have no connection to the original poster, and have no interest in the advisory at all... It just annoys me when I see holier-than-thou people presume to speak for an entire group...) -- ||========================================================================|| || Robert A. Seace || URL || ras () magrathea com || || AKA: Agrajag || http://www.magrathea.com/~ras/ || rob () wordstock com || ||========================================================================|| "What do you mean, you've never been to Alpha Centauri? For heaven's sake, mankind, it's only four light-years away, you know." - THGTTG
Current thread:
- Re: Hellvisory #0001! Denny (Feb 10)
- Re: Hellvisory #0001! Gary Geisbert (Feb 10)
- Re: Hellvisory #0001! Barry A Byrne (Feb 10)
- Re: Hellvisory #0001! Max Vision (Feb 10)
- Re: Hellvisory #0001! Robert A. Seace (Feb 10)
- Re: Hellvisory #0001! Matthew S. Hallacy (Feb 10)
- <Possible follow-ups>
- Re: Hellvisory #0001! Ray McAlarnen (Feb 10)