lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <48A9E09E.9090907@ieee.org>
Date: Mon, 18 Aug 2008 16:50:38 -0400
From: Simon Valiquette <v.simon@...e.org>
To: Full Disclosure <full-disclosure@...ts.grok.org.uk>
Subject: Re: Linus summarizes state of the "security
 industry" with precision and accuracy.

coderman un jour écrivit:
> ... hypothesis that "security researchers" are all masturbating monkey
> whores is now proven definitively. [0]
> 
> """
> Too often, so-called "security" is split into two camps: one that
> believes in nondisclosure of problems by hiding knowledge until a bug
> is fixed, and one that "revels in exposing vendor security holes
> because they see that as just another proof that the vendors are
> corrupt and crap, which admittedly mostly are," Torvalds states.
> 
> Torvalds went on to say he views both camps as "crazy."
> 
> "Both camps are whoring themselves out for their own reasons, and both
> camps point fingers at each other as a way to cement their own reason
> for existence," Torvalds asserts.
> """
> 
> 0. Torvalds Interview with Network World , 08/14/2008
> http://www.networkworld.com/news/2008/081408-torvalds-security-circus.html
> 

   Isn't that quite old news?  Not only the article doesn't offer anything 
new, but It also doesn't give the full picture and offer very little 
useful information compared to the real discussion.

   I did read the thread at this time, and there was many interesting 
ideas.  If I happens to see an article that resume well the issues 
involved, I'll post a link, but I won't spend much time searching, so 
don't wait after me.


   By the way, Linus Torvalds is very well known to enjoy starting flames 
on purpose (he calls that "flamefesting").  This time, the troll was trown 
at OpenBSD, but It was too big to be taken seriously by them, so It is 
mostly the security people that reacted.

   I prefer the troll he launched last year when he basically said that 
Gnome is just a waste of time and than both users and developers should 
just give-up and move on to KDE, which would be a much better and 
productive use of their time.  It was said in 2007 directly on some major 
Gnome mailing list, like his previous flames against Gnome. :o)


Simon Valiquette

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ