[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Python ssl handling could be better...
- To: full-disclosure <Full-Disclosure@xxxxxxxxxxxxxxxxx>
- Subject: Re: [Full-disclosure] Python ssl handling could be better...
- From: Michael Krymson <krymson@xxxxxxxxx>
- Date: Fri, 4 Mar 2011 13:03:18 -0600
Thanks! As a note, I didn't entirely mean my last post to be snarky about
viewpoints and "career defenders" or dick measuring or anything. As Marsh
said, it's an interesting place to be when you talk about, "good enough"
security, as opposed to what we'd all love to have. Even two devout security
experts can argue over such things...which may be a fundamental reason
security overall gets exasperated looks from laymen/mgmt....
My end (implied) point was just that there are different viewpoints, both of
which may be defensible to the death, and neither of which may be wrong. I
don't take exception to any of the presented viewpoints except only slightly
to any that say the risk to one is the same as another, when it's not.
Whether both are trivial isn't something I'd wade too deeply into.
I will, however, humorously point out that not seeing anything in black and
white is...sort of black and white... :)
Have a relaxing weekend, and maybe more entertaining discussions will return
with less mentally capable people than those in this thread!
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/