lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Tue, 10 Apr 2007 10:07:57 -0400
From: "Mr Zebedee" <time4bed@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: Security Researcher Not Particularly
	Humiliated

Boing!

Very true -- and I agree with the points your making. As a
counterbalance of sorts, keep in mind that some of us operate under a
pseudonym for entirely legitimate reasons, such as to distance oneself
from an employer for legal reasons, or to maintain an air of privacy.

I agree that attacking from under the cover of a pseudonym is
downright low. The industry needs people like Raven who are willing to
be front-and-center, since some of us cannot be. That said, it's a
shame that these individuals have to be exposed to humanity's
less-than-positive side.

Time for bed,
Zebedee.

On 4/10/07, jf <jf@...glingpointers.net> wrote:
[snip]
> The same can be largely said about hiding behind layers of pseudonyms, it
> takes a bit of courage for people like Raven to come out in public, not so
> much because of the random few who would heckle, but because she makes
> herself visible and gives an identifiable location to attack; because she
> can potentially be a target. She was correct when she stated that '0-day
> happens', are any of you so confident in the quality of the code you run?
> It's an interesting industry we live and work in because even if you've
> reviewed every line of code in every application and operating system you
> run, chances are good you missed something, and the fact that many of the
> people choose to hide behind throw-away email addresses and shifting
> pseudonyms shows their lack of confidence in their own security, and that
> to me, is something that should warrant humiliation.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ