Security threats Toolkit
Story: Malware authors mixing a lethal cocktail
Posted by: non mouse (Thursday 9 December 2004, 7:10 PM)
Don't understand why she says she is against anyone who publishes vulnerabilities. Many times people find a hole, they approach M$/other software vendor and are ignored. The hackers know the vulnerabilities and share them amongst themselves. Sometimes, publishing the vulnerabilities is the only way to get the vendor to fix the problem.
By not publishing the vulnerabilities, the only people who get hurt are the admins who can't protect against something they don't know exists. The hackers will share the holes and exploit them regardless.
Maybe she means there should be a recommended delay between finding the hole, informing the vendor, and publishing?
Full Talkback thread
Story: Malware authors mixing a lethal cocktail
-
I really wish there were laws that forced these je... Anonymous -
Your political orientation has little to do w... Michael Geier -
Yeah not all hackers are involved in that or suppo... Squasatch
-
Being against anyone who publishes information abo... Jason
-
"This is why vulnerabilities are so important," sa... Peter Northe
-
Don't understand why she says she is against anyon... non mouse -
Time to install a good SELinux policy. Red Hat Fe... Anonymous
-
Laws against writing viruses, DOS attacks, et... Bill H.
-
Anonymous Consultant in Sweden wrote :
>
I to... Anonymous
-
Virus writers could well start focussing... Chris Rankin -
Without publishing the vulnerabilities, how can on... Anonymous
-
Short and simple, Kaspersky is a twit.
"We are aga... Christian Sullivan
-
I read in the newspaper about a technology which s... Anonymous
