lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
From: rahnemann at affinity-mortgage.com (Robert Ahnemann)
Subject: No Subject (re: openssh exploit code?)

> -----Original Message-----
> From: Blue Boar [mailto:BlueBoar@...evco.com]
> Sent: Tuesday, October 21, 2003 2:19 PM
> To: mitch_hurrison@...lip.com
> Cc: jasonc@...ence.org; full-disclosure@...ts.netsys.com
> Subject: Re: [Full-Disclosure] No Subject (re: openssh exploit code?)
> 
> mitch_hurrison@...lip.com wrote:
> > My main point being there is simply no
> > need for the disclosure of exploits.
> 
> English is a funny language.  Based on the rest of your note, I assume
> by "no need", you mean that there's no one forcing you to release your
> exploits, and you see no moral imperitive that says you should, yes?
Or
> do you also mean to say that there is "no need" on the part of others,
> by which I mean that you don't believe that other people can put
> exploits to legal, productive uses?
 
Which makes an even better point:  if there is 'no need' to disclose
exploits, what are you doing on a full disclosure list in the first
place?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ