[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Please don't feed the troll (was: Re: [Full-Disclosure] Is Marty Lying?)

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: Please don't feed the troll (was: Re: [Full-Disclosure] Is Marty Lying?)
From: Cael Abal <lists@xxxxxxxxxx>
Date: Tue, 23 Sep 2003 08:45:53 -0400

The "code audit" that you guys did to make sure nothing was backdoored was
quite thorough too, considering since then remote bugs in Snort have been
published.  If you can't even spot the vulnerable code you introduce into
your source tree by accident, how can you definitively argue that no one
else snuck in subtle bugs that you also didn't catch?


I'm sure it would have been extraordinarily difficult to run 'diff' on
the codebase before the intrusion and the one after, to see if any of
the changes weren't accounted for.

For you, yes.

We all know how snot feels about IDS', and all agree he's absolutely, undeniably, wrong -- let's not waste any more bandwidth on it, shall we?

take care,

Cael

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- Re: [Full-Disclosure] Is Marty Lying?
  - From: Martin Roesch
- Re: [Full-Disclosure] Is Marty Lying?
  - From: security snot
- Re: [Full-Disclosure] Is Marty Lying?
  - From: Blue Boar
- Re: [Full-Disclosure] Is Marty Lying?
  - From: security snot

Prev by Date: [Full-Disclosure] Just when you thought Macafee stuff was safe!
Next by Date: RE: [Full-Disclosure] shout out 4 ...
Previous by thread: Re: [Full-Disclosure] Is Marty Lying?
Next by thread: Re: [Full-Disclosure] Is Marty Lying?
Index(es):
- Date
- Thread