Date: Mon, 27 Nov 2006 22:14:50 -0500 (EST)
From: Rick <optik@...net.org>
To: Valdis.Kletnieks@...edu
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Sasser or other nasty worm needed

On Mon, 27 Nov 2006, Valdis.Kletnieks@...edu wrote:

>> so when you go to mcdonalds and hand over your $5 for your MCbig meal, do
>> you consider the repercussions of supporting an industry which pays low
>> wages, is under-staffed, and promotes world-hunger by using enough grain
>> to feed a continent, etc...?
>
> WTF does that have to do with the topic?  Unless you want to make the point
> that often, the McDonald's staff fails to use a level of food-preparation
> hygiene that matches the computer-security hygiene requirements to work with
> known malware?

it seemed to me that you were arguing a reason for not distributing the 
binary was "the guy is" (not) "clued enough to run a 'closed lab' without 
screwing up..." making this a 'we shouldn't support this because we 
do not know this person is responsible' approach. so the context of my 
statement relates to consistency of accountability.

>> do *you* know where to find a copy?
> Yes.
>> did you always?
> Yes.

i'm sorry, but i have a hard time believing this.

>> have you always been able to configure a network to talk via EIGRP?
> No, because when I first got on the net, RFC1058 was still 4 years in the
> future. So it wasn't "always" possible, because the option didn't always
> exist.

and once it did there was a point in time in which you learned. you 
learned because you had access to information. someone else provided this 
information.

>>> There are a lot of people who are of the opinion that "if you have to ask
>>> where to find a copy of Sasser, you're not clued enough to be trusted with
>>> a copy".
>>
>> perhaps the next time you need a doctor, the one you find will laugh at
>> you with the same sense of elitism you demonstrate.
>
> Did I say I was one of the lot of people? Did you notice that I was
> replying *in the context of KF's comments* saying "It's cool because it's
> in a closed lab?"

i must've missed that part. i jumped into this because i was once a 
student at university who benefited from this type of 'closed lab learning 
environment.'

you are absolutely correct that something could go wrong, but fear of 
failure ought not keep one from trying. i'm reminded of Roosevelt's 
saying:

"It is not the critic who counts: not the man who points out how the 
strong man stumbles or where the doer of deeds could have done better. The 
credit belongs to the man who is actually in the arena, whose face is 
marred by dust and sweat and blood, who strives valiantly, who errs and 
comes up short again and again, because there is no effort without error 
or shortcoming, but who knows the great enthusiasms, the great devotions, 
who spends himself for a worthy cause; who, at the best, knows, in the 
end, the triumph of high achievement, and who, at the worst, if he fails, 
at least he fails while daring greatly, so that his place shall never be 
with those cold and timid souls who knew neither victory nor defeat."



cheers,

Rick

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
