On Sun, 28 Aug 2005, Jason Coombs wrote: > The problem with knowing a thing or two about a thing or two is that > you're constantly arguing with other people who know nothing about > things that nobody else can possibly understand, and that nobody will be > forced to learn about or consider carefully until it's too late for the > knowledge to save them from harm.
Slow day Jason? > This is yet another reason that full disclosure is crucial to everyone's > readiness and to our ability to defend ourselves... Discussion and > analysis of complex subjects, with real-world study and disclosure of > failures and mistakes, prepares us to understand new risks and classify > new threats according to actual significance in our situations. > > So, thank you both for sharing your debate and thereby calling attention > to an area of uncertainty in practice, but if you're going to argue > about definitions of routing tables vs. ACLs, why not do it in a way > that mere mortals are able to understand some day in the future when > they find your debate archived somewhere because their Cisco router's > ACL ruleset failed to consider the fact that they had routes and > multihomed interfaces configured dynamically by an attacker who knew > better than the victim just how ACLs are parsed and precisely what the > difference is between a good ACL and a bad one -- or where an attacker > knew there was another interface physically attached to the Cisco device > where a small wireless access point could be attached, which WAP would > automatically assign the Cisco device another endpoint address in the > WAP's address space. Heartily agreed. In spite of that agreement, thank you for providing that wonderful tidbit. > Fuck off doesn't add to the substance of the technical arguments, and > even trying to understand why you are debating at all there does not > appear to be any reason Actually, I accept responsibility for the ambiguity: the "FUCK OFF" was not directed at the technical pseudodebate, it was directed at the lunatic telephone calls. So, for the sake of clarity and in the spirit of Full Disclosure, allow me to be clearer the second time around: Eric: FUCK YOU. (As opposed to "FUCK OFF"). There. I feel better now :-) //Alif -- Yours, J.A. Terranson [EMAIL PROTECTED] 0xBD4A95BF I like the idea of belief in drug-prohibition as a religion in that it is a strongly held belief based on grossly insufficient evidence and bolstered by faith born of intuitions flowing from the very beliefs they are intended to support. don zweig, M.D. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
