On Apr 27, 2008, at 3:11 PM, n3td3v <[EMAIL PROTECTED]> wrote:
> On Sat, Apr 26, 2008 at 2:13 PM, G. D. Fuego <[EMAIL PROTECTED]> > wrote: >> On Fri, Apr 25, 2008 at 10:48 PM, n3td3v <[EMAIL PROTECTED]> >> wrote: >>> David, your research was responsible for the SQL Slammer Worm... but >>> that makes you elite doesn't it, not a black hat. >>> >>> No wonder the UK security service is interested in you, but I >>> wouldn't >>> call it an achievement, that calls you irresponsible in my view. >>> >> >> David is responsible for the Slammer worm because he discovered the >> vulnerability that it used? > > You don't believe in Responsible Disclosure? Every responsible > security researcher and expert should be supporting responsible > disclosure. David's disclosure is a prime example why responsible > disclosure is needed. > > What he did *was* irresponsible, but perhaps we can learn from it. > > n3td3v > Read ms02-039 The patch was available 6 months before slammer, thanks to David. Its not his fault that people didn't apply the patch > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/