On Thu, Jan 05, 2006 at 02:12:32AM -0500, Steven M. Christey wrote: > > Open Letter on the Interpretation of "Vulnerability Statistics" > ---------------------------------------------------------------
>Refined Vulnerability Information (RVI) hahaha, buzz word? >that is vulnerability databases (including CVE/NVD) hahaha: http://cve.mitre.org/about/ A Dictionary, NOT a Database (note the CAPS) so which way is it "NOT" or "A database"? rumors says the bsa/*aa may be after you for copyright infringment and illegal reverse engineering. irresponsible of you, bad dog! > RVI sources collect unstructured vulnerability information from Raw > Sources. read: parasites cut and paste from people who can do things. > - LACK OF COMPLETE CROSS-REFERENCING BETWEEN RVI SOURCES. read: coley does not like it that there is no officially recognized usa funded database (NOT a dictionary) to rule em all and manipulate statistics. -- where do you want bill gates to go today? _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/