You said it, dude. It sounds like secresearcher was talking out his ass.
If theres a vuln discovered in a piece of software everyone should know straight away. That way the attackers and defenders are on an even playing ground; patch up, disable or run the risk. If you leave people in the dark then who knows who else knows about the vuln? All the vulnerable systems sit unpatched and undisabled. If one guy found it, another one could too, and he might not be as altruistic as the first guy. Take it easy, Gud. On Friday 04 Jul 2003 2:14 am, Justin Shin wrote: > Note the name: > > [full-disclosure] > > -- Justin Shin > ----- Original Message ----- > From: <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> > Sent: Thursday, July 03, 2003 6:41 PM > Subject: RE: A Few Realities About Security Re: [Full-Disclosure] Microsoft > Cries Wolf ( again ) > > > > OK secresearcher, I call you on this one. If you're not completely full > of crap, release the vuln the day before M$ does. If you do, I will > personally bow to you and publically eat crow. If you don't, please > go away. > > Curt > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
