[233] in bugtraq
Re: full disclosure
daemon@ATHENA.MIT.EDU (Bennett Todd)
Mon Nov 28 17:01:41 1994
From: bet@std.sbi.com (Bennett Todd)
To: mouse@Collatz.McRCIM.McGill.EDU (der Mouse)
Date: Mon, 28 Nov 1994 13:58:20 -0500 (EST)
Cc: bugtraq@fc.net
In-Reply-To: <199411281635.LAA08654@Collatz.McRCIM.McGill.EDU> from "der Mouse" at Nov 28, 94 11:35:07 am
>Feh. I'm disappointed to see you spouting this silliness, spaf,
>especially since if anyone ought to know better, it'd be you.
I thought spaf was on record as being opposed to disclosing exploitation
info for security holes.
Personally, I agree with you, it's important to get the info out there. But
I can see why the vendors would be opposed to it: by and large, they don't
really support their OSes, and so they'd much rather the exploitation info
stay secret, known only by them and by the hard-core burglers.
Happily, there is at least one vendor out there offering _good_ support. I'm
really looking forward to seeing BSDI's product on Suns.
-Bennett
bet@sbi.com
