Bkfsec wrote:
...
>"What you do usually see with full disclosure (likewise with patching),
>which is ironically dragged out as an argument against full disclosure,
>is that when a flaw is disclosed, you do see script kiddies coming out
>of the woodwork making loud noises with automated bots ma
>Why didn't I even try, you say? Past experiences of numerous
researchers
>aside, consider this: Microsoft takes 3-6 months to fix critical but
>non-public vulnerabilities in their flagship software (some of these
flaws
>must've been independently discovered by the rogues, hence putting
>customers
cs of full disclosure. It's just
pain in the neck that might otherwise be avoided or at least minimized.
It's not helping.
-Original Message-
From: Larry Seltzer [mailto:[EMAIL PROTECTED]
Sent: Wednesday, April 26, 2006 4:34 PM
To: [EMAIL PROTECTED]; 'Tim Bilbro'
Cc: ful
. There is no proof that it is either.
Tim Bilbro
Information Security Specialist
CISSP, MCSE
[EMAIL PROTECTED]
web: www.bloglines.com/blog/Bilbro
RSS: www.bloglines.com/blog/Bilbro/rss
___
Full-Disclosure - We believe in it.
Charter: http://lists.g