lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <AANLkTim8js2U0PkzCd4XZYYQIVn29yJ7DcPj23kHl9UW@mail.gmail.com>
Date: Wed, 16 Jun 2010 09:05:41 -0800
From: Josh Wheeler <jpavlakovich@...il.com>
To: Christian Sciberras <uuf6429@...il.com>
Cc: full-disclosure@...ts.grok.org.uk, Valdis.Kletnieks@...edu
Subject: Re: Congratulations Andrew

Turtles aren't evil, they're just honeytraps out to get andrew.



On Wed, Jun 16, 2010 at 7:22 AM, Christian Sciberras <uuf6429@...il.com>wrote:

> Turtles are scarier than a bomb on the other side of earth.
> They're evil!
>
>
> ;-)
>
>
>
>   On Wed, Jun 16, 2010 at 5:06 PM, <Valdis.Kletnieks@...edu> wrote:
>
>>   On Wed, 16 Jun 2010 16:44:06 +0200, "Jan G.B." said:
>>
>> > Oh and by the way.. he's still lobbying against FD, as you can see here:
>> > "Full disclosure is cyber terrorism" =>
>> > http://www.securityfocus.com/archive/105/511801/30/0/threaded
>>
>> Dude needs to learn to be consistent.  Kinda hard to support "FD is cyber
>> terrorism" while also whining about overinflated claims of cyberwarfare.
>>
>> In any case, his basic thesis is flawed. The fact that "most people seem
>> to
>> agree with me" doesn't in fact mean it's true, only that most CNet readers
>> are
>> just as confused as he is.  Full disclosure is *not* terrrorism, any more
>> than the weather service issuing a tornado alert is terrorism.  It may
>> mean
>> I have more work ahead, but that's true for a tornado alert as well.  And
>> most
>> importantly, I'm not terrorized - I'm fully informed and can take actions
>> accordingly.  It's *partial* disclosure that's terrorism.
>>
>> Consider the following two scenarios:
>>
>> "There are bombs at the following 7 specific locations, set to go off at
>> 4PM
>> local time. The trash bin behind 1123 Haymarket, in a box under the steps
>> at
>> 904 Maple, (etc etc)"
>>
>> "The Department of Homeland Security has received information indicating
>> an increased threat against building that have a 7 in the street address,
>> cars with a Q or J in the plate number, and turtles".
>>
>> Which one scares more people?
>>
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ