That was my first exposure to the term "zero day".... Back in the day if you were an OP on a zero day warez IRC channel you were considered by many to be 'leet :-). When the real 'leet d00ds were the folks getting the zero dayz for distro by the groups on IRC....
Then you had warez that were 1-3 dayz old.... Anything after that was considered "old-warez" and that was the channel name on effnet too.... That was a fun channel! Zero day morphed into meaning "brand new, released today, no patch available, no sigs, no nuttin!" The day after zero day it was an old vuln as usually a patch or sigs were now available :-) Now he meaning is worthless thanks to the media.... Cool to go down memory lane with ya dude! :-) Mike B ----- Original Message ----- From: CP Constantine [mailto:con...@1211.net] Sent: Tuesday, January 31, 2012 05:07 PM To: cisspfo...@yahoogroups.com <cisspfo...@yahoogroups.com> Cc: funsec@linuxbox.org <funsec@linuxbox.org>; Rob, grandpa of Ryan, Trevor, Devon & Hannah <rmsl...@shaw.ca> Subject: Re: [funsec] [cisspforum] REVEIW: "Zero Day", David Baldacci On 01/31/2012 04:41 PM, Rob, grandpa of Ryan, Trevor, Devon & Hannah wrote: > At one time, in information security terminology, "zero day" meant a > measure of difficulty or vulnerability. err, no it didn't. At *one* time, "zero day" meant that you'd acquired and were trading pirated software that had been released that same day (it was "zero-day-old warez") later on, it got repurposed to indicate an exploit that had never been used before (the exploit was again, zero-days-old) (you'll notice a trend here, things can only be called 'zero-day', precisely once) > That meaning has been largely > destroyed by overexposure in the media. Today it simply means "we > want to scare you." the meaning you use here 'difficulty or vulnerability' is part of that overexposure, as the original meaning has been taken up by vendor marketing teams and been stretched to mean all sorts of nonsense things - including 'a measure of difficulty or vulnerability'. It means "zero-days-old" .. any other meaning whatsoever is purely a fabrication by people that didn't know the original meaning in the first place. (Rob, I kinda feel bad about ranting to you on something that's a matter of security history, since you've, well, obviously got seniority on me in this regards: however the appropriation of 'zero-day' by the industry as an utterly meaningless terms is one of those 'if you're not part of the solution, you're part of the problem' kind of issues to me) _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
