[Full-Disclosure] No Subject (re: openssh exploit code?)
Robert Ahnemann
rahnemann at affinity-mortgage.com
Tue Oct 21 21:27:11 BST 2003
> -----Original Message-----
> From: Blue Boar [mailto:BlueBoar at thievco.com]
> Sent: Tuesday, October 21, 2003 2:19 PM
> To: mitch_hurrison at ziplip.com
> Cc: jasonc at science.org; full-disclosure at lists.netsys.com
> Subject: Re: [Full-Disclosure] No Subject (re: openssh exploit code?)
>
> mitch_hurrison at ziplip.com wrote:
> > My main point being there is simply no
> > need for the disclosure of exploits.
>
> English is a funny language. Based on the rest of your note, I assume
> by "no need", you mean that there's no one forcing you to release your
> exploits, and you see no moral imperitive that says you should, yes?
Or
> do you also mean to say that there is "no need" on the part of others,
> by which I mean that you don't believe that other people can put
> exploits to legal, productive uses?
Which makes an even better point: if there is 'no need' to disclose
exploits, what are you doing on a full disclosure list in the first
place?
Full-Disclosure is hosted and sponsored by Secunia.