| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: tim-security at sentinelchicken.org (Tim) Subject: Shortcut...... may cause 100% cpu use!!! > PLEASE READ IT BEFORE YOU POST!!! LOL. Think about what you are saying to me. > >I haven't looked at your shortcut file(s) yet, but it sounds like the And yes, I admitted, I hadn't looked at your files. For a vulnerability such as you describe, it really wasn't worth my time. After all, it was just a DoS, and there are already two known ways to acheive this with .lnk files. The point is, research is never done in a vacuum. It is the duty of any researcher to understand the topic they are publishing on before they publish. That includes knowing about any other published research in that area, even if it isn't the same information. You have added about 5 cents worth of knowledge to what was already known about shortcut files. However, the casual reader might think that you came up with this all on your own. Are you taking complete credit for finding this problem without any knowledge of previous work? If so, then you are foolish for wasting your time in not looking for others' work beforehand. Afterall, there is information out there that would have made this particular find trivial. On the other hand, if you did use the previous work to learn about the topic and to find your own bug, then you are ripping off those others who did all of the hard work for you. Nothing wrong with publishing anyway, but you should *credit your sources*. That is how research is done. Each researcher builds on previous work in order to bring more knowledge to humanity. So, you are either a fool, or a plagiarist. Take your pick. tim
Powered by blists - more mailing lists