lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <2114728833-1208023461-cardhu_decombobulator_blackberry.rim.net-634777259-@bxe032.bisx.prod.on.blackberry>
Date: Sat, 12 Apr 2008 18:04:16 +0000
From: "josh" <mastahflank@...il.com>
To: mastahflank@...il.com, "n3td3v" <xploitable@...il.com>,
	"Randal T. Rioux" <randy@...cyonlabs.com>,
	full-disclosure@...ts.grok.org.uk, "n3td3v" <n3td3v@...glegroups.com>
Subject: Re: netdev threadjack

And probably anyone else that replies to this. :)
Sent from my BlackBerry® smartphone with SprintSpeed

-----Original Message-----
From: "josh" <mastahflank@...il.com>

Date: Sat, 12 Apr 2008 17:59:19 
To:"n3td3v" <xploitable@...il.com>,"Randal T. Rioux" <randy@...cyonlabs.com>,full-disclosure@...ts.grok.org.uk,"n3td3v" <n3td3v@...glegroups.com>
Subject: Re: [Full-disclosure] netdev threadjack


Enough, I'm filter this fuck.
Sent from my BlackBerry® smartphone with SprintSpeed

-----Original Message-----
From: n3td3v <xploitable@...il.com>

Date: Sat, 12 Apr 2008 18:17:57 
To:"Randal T. Rioux" <randy@...cyonlabs.com>,full-disclosure@...ts.grok.org.uk, n3td3v <n3td3v@...glegroups.com>
Subject: Re: [Full-disclosure] netdev threadjack


What about Gadi Evron threadjacks? He is as bad as me:

Impressive vulnerability, new. Not a 0day.

Not to start an argument again, but fact is, people stop calling
everything a 0day unless it is, say WMF, ANI, etc. exploited in the wild
without being known.

I don't like the mis-use of this buzzword.

 	Gadi.

http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/056846.html

http://www.securityfocus.com/archive/1/480093/100/0/threaded

Okay. I think we exhausted the different views, and maybe we are now able
to come to a conlusion on what we WANT 0day to mean.

What do you, as professional, believe 0day should mean, regardless of
previous definitions?

Obviously, the term has become charged in the past couple of years with
the targeted office vulnerabilities attacks, WMF, ANI, etc.

We require a term to address these, just as much as we do "unpatched
vulnerability" or "fully disclosed vulnerability".

What other such descriptions should we consider before proceeding?
non-disclosure?

Gadi.

http://www.securityfocus.com/archive/1/480611/100/0/threaded

http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/057005.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ