[96158] in North American Network Operators' Group
Re: UK ISP threatens security researcher
daemon@ATHENA.MIT.EDU (Gadi Evron)
Fri Apr 20 09:21:19 2007
Date: Fri, 20 Apr 2007 08:19:03 -0500 (CDT)
From: Gadi Evron <ge@linuxbox.org>
To: Simon Lyall <simon@darkmere.gen.nz>
Cc: nanog@merit.edu
In-Reply-To: <Pine.LNX.4.56.0704201130430.4395@localhost.localdomain>
Errors-To: owner-nanog@merit.edu
On Fri, 20 Apr 2007, Simon Lyall wrote:
>
> On Thu, 19 Apr 2007, Gadi Evron wrote:
> > Looking at the lack of security response and seriousness from this ISP, I
> > personally, in hindsight (although it was impossible to see back
> > then) would not waste time with reporting issues to them, now.
>
> These days there is almost never any reason to report a security issue
> unless you are a professional security researcher who is looking for
> publicity/work. [1]
Now, that is off-topic to NANOG.
One comment: just because they are not reported does not mean they are not
used. Proved beyond doubt this past year with all the 0day attacks and
targeted attacks going on.
Gadi.
