> Or maybe he just has an obsession with knowing how things > work. I know I do... to a fault. > > -- > > Marc Soda HEAR HEAR! Well said. And it is THAT menatality which sums up full disclosure in its entirety. Well said... I hate to beat a dead horse, but it seems some folks fail to see the horse at all. This is the Vuln-Dev mailing list - perhaps the most dangerous of all the full disclosures because we sit in here and discuss FUTURE holes and problems. (so the worst offense the original poster could have made was posting to the wrong list...) But it being dangerous is irrelevant. We cannot eliminate crime by banning the guns - this has been proven. So we should all come to this list with the open-mind and curiosity which makes us admins or hackers to begin with... Censoring or controlling the flow of code has only one or two merits, and it's not in the whitehats favor I speak of. When someone asks for a script or a piece of elegant code which exploits a publically announced hole, give it to them. EVERYTIME! Let their curiosity and experience with it be their teacher in creating new and ultimately BETTER security professionals. Think about it. The more Experts we create, the more script-kiddies we catch!! -oliver p.
This archive was generated by hypermail 2b30 : Fri Sep 07 2001 - 12:07:07 PDT