Richard, some folks think that publicly disclosing the vulnerability is actually the "best" way to handle these situations. There's a long standing debate regarding the merits of full disclosure and its impact on the user community, vendors, and admins. Not that wikipedia is the authority on all this, but there's a decent description of the problem there:
http://en.wikipedia.org/wiki/Full_disclosure There are certainly pros and cons to both sides of the argument... however I don't think it's accurate to say the best course of action is to just email Valve. I, for one, don't have any problem with this info being mailed to this list (as if my opinion counts here). The ppl who want to exploit these vulnerabilities are already aware of them. Might as well let the admins know what's going on and hopefully hold Valve's feet to the fire a bit. later bruce On Mar 10, 2009, at 10:13 PM, Richard Eid wrote: > As always, it's best to e-mail these exploits to someone at Valve > directly, > or to Support, instead of broadcasting them, in detail, here on the > list. > Forcing Valve's hand to fix these doesn't do much for the players > until a > fix comes out. All you have done, again, is share the details of an > exploit > that people will use to ruin the experience of the game for people > who want > to play it seriously. > > It's not just that "hackers/cheaters" sign up for the list to find > stuff > like this, because there are plenty of other means for getting this > this > type of information, but there are people on the list that will use > this > exploit only because they now know how to do it. Then they'll share > the > details of it with other people, who share it with even more people, > and so > on and so forth. > > I thought this was clear the last time you posted an exploit? Or > maybe I'm > just not getting the point of posting another exploit, with details. > > -Richard Eid > > > On Tue, Mar 10, 2009 at 9:03 PM, Tony Paloma > <[email protected]>wrote: > >> Jay grabbed the intercom mic. "Shut up, please," he observed. >> >> -----Original Message----- >> From: [email protected] >> [mailto:[email protected]] On Behalf Of Rick Payton >> Sent: Tuesday, March 10, 2009 6:55 PM >> To: Half-Life dedicated Win32 server mailing list >> Subject: Re: [hlds] New? Hunter Exploit >> >> Refresh the page. >> >> -mauirixxx >> -Sent from the random steambans website: >> http://www.kingdomsend.com/steamban.php >> -----Original Message----- >> From: [email protected] >> [mailto:[email protected]] On Behalf Of Aj Collins >> Sent: Tuesday, March 10, 2009 3:53 PM >> To: Half-Life dedicated Win32 server mailing list >> Subject: Re: [hlds] New? Hunter Exploit >> >> SakeFox, need moar people. >> >> On Tue, Mar 10, 2009 at 9:48 PM, SakeFox <[email protected]> >> wrote: >> >>> lets just make it more fun, just randomly ban cretin people >>> everyday. >>> http://www.kingdomsend.com/steamban.php >>> >>> msleeper wrote: >>>> It is absurd that people are still going on and on about it. >>>> >>>> I thought about making a quick plugin that would probably cockblock >>>> this problem, but fuck it, we'll do it live. Patrick can write it >>>> now if he wants to stop it so badly. >>>> >>>> >>>> On Tue, 2009-03-10 at 15:36 -1000, Rick Payton wrote: >>>> >>>>> What can I say? I countered a lame jab by taking it a huge step >> further. >>>>> Msleeper even took it a step further. Ok I may be the only one >>>>> that >> >>>>> get's a chuckle out of it, due to the absurdity of it all. >>>>> >>>>> But fuck Patrick ... Try harder dude? >>>>> >>>>> -mauirixx >>>>> -Sent from #tryharder >>>>> -----Original Message----- >>>>> From: [email protected] >>>>> [mailto:[email protected]] On Behalf Of Patrick >>>>> Shelley >>>>> Sent: Tuesday, March 10, 2009 3:30 PM >>>>> To: Half-Life dedicated Win32 server mailing list >>>>> Subject: Re: [hlds] New? Hunter Exploit >>>>> >>>>> I'm sorry Rick, please accept my sincere apologies - i forgot you >>>>> were the only paid up member of msleepers fan club. >>>>> >>>>> Now get back in your box with sleeper, we'll tape the lid down and >>>>> mail you both off to Valve HQ - im sure they could do with beating >>>>> the crap out of another pinata. >>>>> _______________________________________________ >>>>> To unsubscribe, edit your list preferences, or view the list >>>>> archives, please visit: >>>>> http://list.valvesoftware.com/mailman/listinfo/hlds >>>>> >>>>> _______________________________________________ >>>>> To unsubscribe, edit your list preferences, or view the list >>>>> archives, >>> please visit: >>>>> http://list.valvesoftware.com/mailman/listinfo/hlds >>>>> >>>> >>>> >>>> _______________________________________________ >>>> To unsubscribe, edit your list preferences, or view the list >>>> archives, >>> please visit: >>>> http://list.valvesoftware.com/mailman/listinfo/hlds >>>> >>>> >>>> >>> >>> _______________________________________________ >>> To unsubscribe, edit your list preferences, or view the list >>> archives, >> >>> please visit: >>> http://list.valvesoftware.com/mailman/listinfo/hlds >>> >> _______________________________________________ >> To unsubscribe, edit your list preferences, or view the list >> archives, >> please visit: >> http://list.valvesoftware.com/mailman/listinfo/hlds >> >> _______________________________________________ >> To unsubscribe, edit your list preferences, or view the list >> archives, >> please visit: >> http://list.valvesoftware.com/mailman/listinfo/hlds >> >> >> _______________________________________________ >> To unsubscribe, edit your list preferences, or view the list >> archives, >> please visit: >> http://list.valvesoftware.com/mailman/listinfo/hlds >> > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list > archives, please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
