On Thu, Jul 17, 2014 at 12:32:26PM -0700, coderman wrote:
> On Thu, Jul 17, 2014 at 12:19 PM, Andy Isaacson <[email protected]> wrote:
> > ...
> > And once you've patched this bug, FOXACID will update to issue another
> > 0day.
> >
> > It's worth doing, for sure! Patching bugs makes us all incrementally
> > safer.
> >
> > But don't pretend that patching the specific attack your adversary is
> > currently using will disable or even seriously inconvenience the
> > adversary.
>
>
> this is exactly why some who have received these payloads are sitting
> on them, rather than disclosing.
>
> it is more useful to mitigate privately, and observe how/when an
> exploit is used,
> than burn it publicly for zero effective security improvement.
>
> (the less scrupulous would sell to highest bidder for other clandestine hacks)
>
>
> better ideas welcome!
>
>
> best regards,

/me agrees with this. how would the dear NSA respond to a target who ``borrowed'' the sploits, trolls them and advertises vulnerable to the borrowed sploits configuration, yet the borrowed sploits don't work? (the advertised configuration is not at all vulnerable to the borrowed sploits).
