lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Sat, 25 Oct 2008 04:39:13 +0100
From: n3td3v <xploitable@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: Time to patch Windows boxes with MS08-067

"we" (the community) shouldn't be playing into the hacker spirit of
things. by increasing your threat level publicly plays into the hacker
mind-set that they can *take over* and be causing problems on a wider
scale. we should be dampening the hacker spirit by not letting them
visually see anyone panicking or there being an increased level of
concern. don't give the overall aura that hackers can have an affect
on us, and that even though we might be working hard behind the scenes
in an increased level of busi-ness, this shouldn't be communicated
outward to the hacker community, as it gives satisfaction to the
hacker community as a whole that they are beating us down. its about
psyops against the enemy, not that the threat level is not there, just
don't communicate your fears and concerns outward to the hacker
community, not just to those hackers willing to take part in attacks,
but just everyone on looking and thinking, "look at them increasing
their threat level because of "hackers""... don't give them that
satisfaction and morale boost.---n3td3v.
On Sat, Oct 25, 2008 at 3:16 AM,  <Valdis.Kletnieks@...edu> wrote:
> On Fri, 24 Oct 2008 23:29:33 BST, n3td3v said:
>> as soon as you rate, threat level something, the bad guys have won...
>> its time to rethink public rating and threat levels.
>
> No, the bad guys win if they manage to pwn or DoS one of my systems or users.
> Why do you think they win if we assign a threat level to something?
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ