[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] Vulnerability Disclosure Debate
- To: <full-disclosure@lists.netsys.com>
- Subject: Re: [Full-Disclosure] Vulnerability Disclosure Debate
- From: Florian Weimer <fw@deneb.enyo.de>
- Date: Thu, 07 Aug 2003 21:22:24 +0200
"Joel R. Helgeson" <joel@helgeson.com> writes:
> If they did that, how could we write NESSUS plugins that would accurately
> scan for vulnerabilities?
You don't, so you buy a proprietary scanner.
Look at who's takes part in those coordinating forums. Some companies
certainly have conflicting interests.
> Managing security by applying patches is fundamentally flawed. The
> programmers need to write secure code. The onus is on them, not us.
Then why do you think it's of any importance to write Nessus plugins? 8-)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html