| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <3b28167f04112513261ed243c6@mail.gmail.com> Date: Thu, 25 Nov 2004 16:26:30 -0500 From: Juan Carlos Navea <loconet@...il.com> To: Berend-Jan Wever <skylined@...p.tudelft.nl> Cc: full-disclosure@...ts.netsys.com, vuln-dev@...urityfocus.com, bugtraq@...urityfocus.com Subject: Re: FIREFOX flaws: nested array sort() loop Stack overflow exception > So instead you unleash it upon kiddie and spammer world? That's lovely. > Next you will come by again and say: "I'm still hoping I get to see the > guy who wrote those MyDoom worms in court, he violated the GPL and > spread millions(?) of copies of my (modified) source)." > So, you release it like you did and, expect what? > > Some people are advocates of this or that disclosure mechanism, and > believe they are right. I can bite. > You just say: "I'm so cool. I will release this, get a ton of attention > and then say 'hey! They violated GPL! How dare they?!'" > Full disclosure. Responsible disclosure (according to whoever). > Non-disclosure. Fine. What are you doing? I agree, not to mention that that "bugzilla crap" is not really crap. I find it to be a solid system for the most part. Also, It has been proven that involving the general public to help out in filing bugs has been useful in resolving problems that would otherwise go unnoticed until script kiddies start abusing them. Plus bugzilla is not really that hard to use, takes just a few minutes really. -- http://www.loconet.ca _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists