|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Security through obscurity, etc.
Oliver Friedrichs (iceman
MBnet.MB.CA)Tue, 13 Dec 1994 11:45:57 -0600 (CST)
- Messages sorted by: [ date ][ thread ][ subject ][ author ]
- Next message: jsz: "Re: Security through obscurity, etc."
- Previous message: Casper Dik: "Re: SunOS's xterm pb : again !"
- In reply to: James M. Chacon: "Re: Security through obscurity, etc."
- Next in thread: Leo Bicknell: "Re: Security through obscurity, etc."
On Tue, 13 Dec 1994, James M. Chacon wrote: > Wrong...I've used the information in CERT advisories to give me a good idea > where and what I'm looking for. I've "reverse-engineered" so to speak a fair > amount of Cert's announcements into actaul problems I could show people around > here. All Cert's announcements do is delay the time people get to even know > a bug exists....I'm not really for the 8lgm concept completely, but at least > there they don't feel this overwhelming need to not hurt the various > manufacturers feelings.... Poor comparison. A script that guarantee's root on a site is equal to a CERT advisory? I don't know which advisories your reading. (send me one?). The difference is too large to even argue about. A CERT advisory doesn't give root to someone on any unprotected system on the Internet. Perhaps 1 in 10 people will figure out the problem, would you rather have 10 out of 10 people be guaranteed to? Think about it. - Oliver
- Next message: jsz: "Re: Security through obscurity, etc."
- Previous message: Casper Dik: "Re: SunOS's xterm pb : again !"
- In reply to: James M. Chacon: "Re: Security through obscurity, etc."
- Next in thread: Leo Bicknell: "Re: Security through obscurity, etc."