[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <3a166c090606240529s53e55776u32f45a8d496a1bb1@mail.gmail.com>
Date: Sat Jun 24 15:11:53 2006
From: n3td3v at gmail.com (n3td3v)
Subject: Mr. Kletneiks
On 6/24/06, Troy Solo <solo@....org> wrote:
>
> As much as I have valued your opinion in the past, Valdis, you certainy
> lose some credibility "backing" n3td3v.
>
> Just one man's opinion.
> --
> /*
> /* Troy Solo
> /* <solo@....org>
> /* Si Hoc Legere Scis Nimium Eruditionis Habes
> /*
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
You don't know what you're talking about.
We're the biggest group around in the underground, we have lots of backers.
Don't base your opinion of n3td3v or Valdis on a handful of regular FD
trolls who bring anyone or any group of people down at any slight sign of
weakness they can pick on someone for.
FD has turned into a playground of bullies, who target people who actually
research vulnerabilities, while the bullies don't offer any on-topic
contribution apart from bringing others down who are making an effort in the
security community.
I wish the elitism would stop, its bringing the list down as a whole and
every each individual within it, so much so that some subscribers of the
list who do actually research real vulnerabilities are scared to post their
vulnerabilities here, incase they become targeted by the bullies and their
work discredited. Also from speaking to my contacts off list, they are
scared to comment on atechnical level of already existing threads in fear
of a people bringing them down, for no obvious and justified reason, apart
from the attacker getting self satisfaction of bringing down an individual
or group of individuals who contribute more than they are personally capable
of.
To begin with it was cross-site scripting being called lame then SQL
injection, then denial of service, all comments made by people who I can
only see a hint of jealousy from. Thats all Valdis was doing, he wasn't
sticking up for me per say, he was sticking up for the type of
vulnerability. He was saying, sure it might be low impact, but when its a
low impact vulnerability on Yahoo, then it ups the ante ten fold, and allows
for global attacks on a global audience. Therefore denial of service in
products from the biggest applications from the biggest internet based
vendors in the world, should not be discredited as lame and a no threat.
The people were almost saying "why did you post this to fd"... and once the
list starts that kind of trend, then as I said earlier, researchers are
going to become to post their vulnerabilities to fd, if all the feedback
they get are childish remarks from people on the list who don't appreciate
their work.
Remember, FD isn't "thee" place to post, theres milw0rm.com and other places
where vulnerabilities can be disclosed, just like the Yahoo Messenger denial
of service, it wasn't post via FD originally... so ruin your own community,
the ball is in your court. People who think FD is invincible and people will
ignore all the negitive comments under advisories forever are very much
mistaken.
Thanks for listening,
n3td3v
More than one man's opinion.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060624/4f45d2a6/attachment.html
Powered by blists - more mailing lists