[482] in bugtraq
Re: Security through obscurity, etc.
daemon@ATHENA.MIT.EDU (Jason Matthews)
Tue Dec 13 02:46:39 1994
Date: Mon, 12 Dec 1994 22:47:53 -0800 (PST)
From: Jason Matthews <jason@dickory.sdsu.edu>
To: jsz <jsz@ramon.bgu.ac.il>
Cc: elfchief@lupine.org, bugtraq@fc.net
In-Reply-To: <9412130418.AA23268@ramon.bgu.ac.il>
On Tue, 13 Dec 1994, jsz wrote:
> CERT consists of beaurocrats; 8lgm of posers -- what's a difference,
> after all?
8lgm does not pretend to be god's gift to the net.
>
> At least you can't use CERT's advisory to crack root on a site, and wipe
> out important files; 8lgm's advisories were, and in fact are being used
> for those purposes as well.
I am sure this has been said by doozens of people but:
If you restrict exploits to the script hackers then only the script hackers
will know what they are. In turn, organizations like CERT will not know
what they are until some time after the release; when the effects can be
exaimed second hand.
Pick your posion.
Jason
----------------------------------------------------------------------------
jason@dickory.sdsu.edu San Diego State University
jason@mentor.sdsu.edu College of Engineering
jason@BOOM.extern.ucsd.edu Electrical*Computer Engineering
----------------------------------------------------------------------------
