This is Full-Disclosure if you didn't notice. I personally don't care about the vendors. I disclosure. going to check the stores can get me nothing but jail time. but if it's not prohibited by law hell i will disclosure such list. Javor Ninov aka DrFrancky http://securitydot.net/ Tim Bilbro wrote: > You do a disservice to all IT shops by announcing these vulnerabilities > before contacting the vendor. I am sure it would not generate as much > web traffic to your site, but it is only fair and right to allow at > least some amount of time for the vendor to respond. If you think you > are helping, you are wrong. Would you go around town checking which > stores are unlocked at night and then publish the list in the news > before letting the shop owners know? That's pretty much what you are > doing. It's just not helping. There is no proof that it is either. > > *Tim Bilbro* > Information Security Specialist > CISSP, MCSE > /trbilbro@xxxxxxxxxxx/ > /web: //_www.bloglines.com/blog/Bilbro_/ > <file://www.bloglines.com/blog/Bilbro>// > /RSS: //_www.bloglines.com/blog/Bilbro/rss_/ > <file://www.bloglines.com/blog/Bilbro/rss>// > > > ------------------------------------------------------------------------ > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/