Today, it's a decision made by the security researcher and the company they work for who gets what exploit code. Down the road, my expectation is that the question will be addressed in courts via civil lawsuits.
Richard -----Original Message----- From: Day Jay [mailto:[EMAIL PROTECTED]] Sent: Wednesday, January 29, 2003 5:16 PM To: Richard M. Smith Cc: [EMAIL PROTECTED] Subject: RE: [Full-Disclosure] [Secure Network Operations, Inc.] Full Disclosure != Exploit Release And what makes you think that you and your friends who share your dozen exploits are the right hands? What because you have the skill to write them, you are the right hands? Who decides who can have what? That's what I thought. > > OTOH we know that public proof-of-concept examples > are going to get into > the wrong hands. > > Richard > __________________________________________________ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
