Vulnerability Development mailing list archives
Re: Time-to-patch vs Disclosure method
From: terry white <twhite () aniota com>
Date: Thu, 18 Oct 2001 09:50:34 -0700 (PDT)
on "10-17-2001" "Mark Kennedy" writ:
: But just because they are the source of the vulnerability does not
: undermine their valid concerns on how that vulnerability is disclosed.
... that of "COURSE" assumes the "ONLY" source of such information
found within 'professional security circles'.
i find of interest, "culp's" suggestion of leveraging income
vis-a-vis 'disclosure philosophy'. that elevates stupidity to art.
clearly, threatening the 'security-savvy', 'technically proficient', and
'intellectually tenacious' seen as apropos to the situation at hand.
m$ is blessed with an ignorant market, however, is mistaken in
thinking that synonomous with stupidity. i suspect that distinction will
be made clear when XP finds widespread use. there's nothing more
dangerous than a lot of ignorant people asking questions, who won't
accepting the rote corporate answers ...
--
... i'm a man , and i can change ,
if i really have to , i guess ...
Current thread:
- Time-to-patch vs Disclosure method J. J. Horner (Oct 17)
- Re: Time-to-patch vs Disclosure method Olaf Kirch (Oct 17)
- Re: Time-to-patch vs Disclosure method Blue Boar (Oct 18)
- RE: Time-to-patch vs Disclosure method Dom De Vitto (Oct 19)
- Re: Time-to-patch vs Disclosure method Blue Boar (Oct 18)
- <Possible follow-ups>
- Re: Time-to-patch vs Disclosure method Mark Kennedy (Oct 17)
- Re: Time-to-patch vs Disclosure method terry white (Oct 18)
- Re: Time-to-patch vs Disclosure method Olaf Kirch (Oct 17)