On Sun, Jun 08, 2003 at 02:22:36PM +0200, Eli Billauer wrote: > Muli Ben-Yehuda wrote: > > >The three possibilities are: > > > >- Wireless (in)security and war driving
Wireless networks (in)security. Obviously, it's much harder to secure a wireless network - you don't need physical access to join it. War driving refers to the process of driving around, searching for and finding open wireless network. > >- Setting up a SPAM filtering system (MUA independent) How to set up a spam filtering system. Since it's MUA independent, I assume it's server based? > >- Full disclosure (non technical) The most interesting of the bunch, IMHO. Let's say you discover a serious security vulnerability in, for example, the Linux kernel. Whom should you tell, and what should you say? should you say "there is a bug, beware", say "there's a bug, here's how to exploit it and here's how to fix it", or just not say anything? If you tell everyone how to exploit it, it will get fixed, but many people will get cracked. If you don't tell anyone, people will not get cracked, but neither will the bug get fixed. The term "full disclosure" refers to telling everything, publicly. The lecture should be called, I suppose, "full disclose - pros and cons, and how much?" There have been various hitted debates on this subject on the bugtraq mailing list and elsewhere. Let me know if you want pointers (fascinating subject, really). > I'm afraid I can't figure out what to expect from either of these > lectures. Could you please say a few words about each of them? Or if we > want to be really wild about it: Let us see the slides? Aviram, anything I got wrong, please fix :-) -- Muli Ben-Yehuda http://www.mulix.org http://www.livejournal.com/~mulix/
pgp00000.pgp
Description: PGP signature
