lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <C4C3BD00-B381-11D6-B2CD-000393779ABA@sackheads.org> From: cerebus at sackheads.org (Timothy J.Miller) Subject: Shiver me timbers. On Monday, August 19, 2002, at 08:30 AM, aliver@...il.com wrote: > Perhaps. However, the analogy may not be apt. Actually, it's more apt than you think. > Secondly, in your analogy the person who points out that the gas > tank tends to explode is a person who found that out from a coincidental > experience, and without any effort or foreknowledge of his own. Ask > yourself if this parallels our situation. Vulnerabilities are not > something that often manifest themselves to people with no technical > knowledge who aren't looking for them. A person with experience and > specific ability is almost always the one to find them. That person, or > someone like him must use that knowledge to create an exploit, and > that's > not something that just anyone can do. It takes both skill, and effort. Auto mechanics find engineering and manufacturing defects in automobiles all the time. They also, on the whole, report them to the auto manufacturer *as well as* their customers, even though it could be argued that it is in their best interest to keep it to themselves (thus insuring repeat business). -- Cerebus
Powered by blists - more mailing lists