On Sun, Apr 20, 2008 at 1:10 AM, coderman <[EMAIL PROTECTED]> wrote: > On Sat, Apr 19, 2008 at 5:02 PM, n3td3v <[EMAIL PROTECTED]> wrote: > > ... > > > It doesn't matter how old it is, as long as no patch is available, it > > will always come out of no where and pwn your ass. > > again you show your ignorance.
No, you show yours by only reading the first sentence of my e-mail and cutting the rest out which explained it all to you. > if you are aware of the risk, there are a multitude of mitigations, > outside of official vendor patches. But from the computers point of view it doesn't care, if the vulnerability is not patched by the official vendor then its still a 0-day. > > if you are aware of the vulnerability, it is no longer 0day. As I said in previous e-mail, *you* being aware doesn't matter to the term 0-day, because its a reference to a threat level to a computer, not the human mind and how many days ago the human became aware. Its purely a mechanical term for the computer, not anything to do with what humans think. A computer doesn't count how many days ago, it counts in 0 and 1's, so it doesn't count the days inbetween, to the computer there is only 0-day then patched is 1, thats what the reference is all about. Regards, n3td3v _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
