| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <000701c25b4b$608cf300$c700a8c0@Mandie> From: andrew at generator.co.za (Andrew Thomas) Subject: RE: remote kernel exploits? Comments inline. ----- Original Message ----- From: <andy_mn@...hmail.com> To: <full-disclosure@...ts.netsys.com>; <incidents@...urityfocus.com> Sent: Thursday, September 12, 2002 10:04 AM Subject: Re: [Full-Disclosure] RE: remote kernel exploits? ... > choose just because of someone's choice of operating system? And > what kind of researcher would've given them these tools before > notifying the rest of us anyway? I really think it's time ... > to. So in other words, unless one of these brats comes forward > or the irresponsible security professional who was reckless > with the information, we can never be sure that we have an > operating system with these bugs fixed. ... Why is it that everyone seems to assume that the only people with enough skills to find and abuse an exploit is a "security researcher"? Or a "security professional"? *Please*... Do you have any idea how long it took for the format string vulnerabilities to make it 'public' after they had been discovered? > If they don't deface websites with these exploits, then what > do they do? Steal credit card information? Makes little > difference to my argument. Yup. Or gain access to more 'entertaining' sites. What do you understand to be blackhat motivation? What is a blackhat? Regards, Andrew
Powered by blists - more mailing lists