| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 22 Jul 2010 17:56:57 -0400
From: Valdis.Kletnieks@...edu
To: "andrew.wallace" <andrew.wallace@...ketmail.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: there might be three people who missed it...
On Thu, 22 Jul 2010 14:24:07 PDT, "andrew.wallace" said:
> Are you trying to say no disclosure will ever come under the profile of cyber
> terrorism?
No, I'm saying that claiming *every* disclosure *is* "cyber terrorism" is
lunacy. I've yet to see *anybody* other than yourself claim that Ormandy's
disclosure qualified as terrorism of any sort, cyber or otherwise. That leaves
one of two possibilities:
1) Ten years from now, we'll be wondering how all tens of thousands of people
in the computer security field totally got it wrong and you were the only one
who got it right.
2) The reverse of (1).
Hint: Unrecognized geniuses are so frikkin' rare they teach you about
them in school. Unrecognized idiots are much more common.
(Although I *would* enjoy seeing you come up with a *plausible* example where
the disclosure *itself* qualified as terrorism, separate from what uses are
made of it. For example - although terrorists have used C-4, the invention of
C-4 is not *itself* terrorism. Remember to keep that distinction straight in
your scenario).
Content of type "application/pgp-signature" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists