[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] BANTOWN PRESENTS: Give me 0day or give me death

To: Andrew A <gluttony@xxxxxxxxx>
Subject: Re: [Full-disclosure] BANTOWN PRESENTS: Give me 0day or give me death
From: coderman <coderman@xxxxxxxxx>
Date: Sun, 18 Dec 2005 11:28:53 -0800

On 12/17/05, Andrew A <gluttony@xxxxxxxxx> wrote:
>...
>  I present to you the Eleatic school of hacker ethics.
>
> ... If your computer has been
> programmed to accept my arbitrary code, then there is no moral or ethical
> violation committed when I introduce my code to yours.

sounds good to me, but for pragmatic reasons.  all this bullshit
firewall/IDS/$snake_oil isn't working as advertised (but a false sense
of security so comforting).  perhaps that 7th or 8th remote
root/enable prompt exploit will open their eyes.

your approach may usher in the requisite least privilege based
capability model for network security that would actually be worth a
shit.  (of course, identity management will probably still suck, so
maybe this is wishful thinking...)

see you in Club Fed my brother!
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] BANTOWN PRESENTS: Give me 0day or give me death
  - From: Andrew A

Prev by Date: Re: [Full-disclosure] BANTOWN PRESENTS: Give me 0day or give me death
Next by Date: Re: [Full-disclosure] A CALL FOR FULL-DISCLOSURE TO BECOME AMODERATED LIST
Previous by thread: Re: [Full-disclosure] BANTOWN PRESENTS: Give me 0day or give me death
Next by thread: Re: [Full-disclosure] BANTOWN PRESENTS: Give me 0day or give me death
Index(es):
- Date
- Thread