Text 6091, 254 rader
Skriven 2005-07-15 21:23:14 av Rich (1:379/45)
Kommentar till text 6088 av Geo (1:379/45)
Ärende: Re: eeye's irresponsible self-serving behavior
======================================================
From: "Rich" <@>
This is a multi-part message in MIME format.
------=_NextPart_000_0112_01C58983.69B4B9E0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
eeye's irresponsible self-serving actions are not excused by anyone =
else's actions good or bad, particularly when you make bad analogies.
Rich
"Geo" <georger@nls.net> wrote in message news:42d83d33$1@w3.nls.net...
eeye is not posting instructions on how to kill computer users, they =
are posting details of flaws in consumer product.
And I picked the SMB flaw as an example because it's the kind of flaw =
that's likely to be the next worm vector.
As for the question of eeye providing protection and at the same time =
providing details of a flaw, how did you feel about the details of that =
bicycle lock that could be opened with a ball point pen? Did you have an =
issue with those details being released on the national news because I =
thought that was a good thing. It showed the public just how piss poor a = lock
that junk was. I would however imagine the lock manufacturer has an = attitude
similar to yours, that the information never should have been = released and I
would imagine they would use the same bs arguments you = are using.
Consumers have a right to know the details of the flaws found in =
consumer products. Be it a kids car seat, a bicycle lock, software, a = circuit
breaker, their cars, whatever.
Geo.
"Rich" <@> wrote in message news:42d82aee@w3.nls.net...
Do you really believe that your doors and windows protect you =
from outright attack? If so you are surely going to be sorry. You = escape
harm simply because you one attacks you. Post instructions on = how to do so
and thereby lower the threshold and you will increase the = likelihood of
attack. If someone like eeye came to you and said that = they would sell you
protection and at the same time provided attackers = the information they need,
how you would feel about that extortion?
Where do you get the idea that detailed instructions are missing? =
Maybe the description isn't sufficient for you but I assure you that it =
is sufficient for others. And this example, which I'm sure you picked =
because you thought it weak on details, is not representitive. If you = want
to demonstrate that they do not cause the great harm that they do = you will
need to show that they never do this not that there exists a = single instance
where you thought they did not.
Rich
"Geo" <georger@nls.net> wrote in message =
news:42d822d0@w3.nls.net...
First off, if the security of my home was compromised by a flaw in =
a consumer product I would fully support the posting of the details of = that
flaw.
Second, the detailed exploit instructions are not there, only a =
flaw description is there and only that description is what I and others = want
access to. I believe the attached is the detailed exploit = instructions and
they are only for a DOS not for the remote root = exploit. Of course since you
claim this is already available to all of = us at the eeye URL I linked to you
shouldn't have an issue with me = posting it here, huh?
Geo.
"Rich" <@> wrote in message news:42d7d7c8@w3.nls.net...
Such bullshit. It's not just that you are paranoid, you are =
being silly. Please post the detailed instructions for anyone to break = into
your home and kill your wife and family. You shouldn't keep this = information
exclusive to you. Others may find this useful to protect = themselves. If it
puts your family at risk, so what. "Information" = like this should be free
for all.
As for the eeye press release to which you refer, it sure =
does provide detailed instructions. It may be that you don't recognize = the
terminology but it is there, specific, and detailed.
Rich
------=_NextPart_000_0112_01C58983.69B4B9E0
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Diso-8859-1">
<META content=3D"MSHTML 6.00.2900.2668" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV><FONT face=3DArial size=3D2> eeye's irresponsible =
self-serving=20
actions are not excused by anyone else's actions good or bad, = particularly
when=20
you make bad analogies.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Rich</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; =
BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV>"Geo" <<A =
href=3D"mailto:georger@nls.net">georger@nls.net</A>> wrote=20
in message <A=20
=
href=3D"news:42d83d33$1@w3.nls.net">news:42d83d33$1@w3.nls.net</A>...</DI=
V>
<DIV><FONT face=3DArial size=3D2>eeye is not posting instructions on =
how to kill=20
computer users, they are posting details of flaws in consumer=20
product.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>And I picked the SMB flaw as an =
example because=20
it's the kind of flaw that's likely to be the next worm=20
vector.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>As for the question of eeye providing =
protection=20
and at the same time providing details of a flaw, how did you feel =
about the=20
details of that bicycle lock that could be opened with a ball point =
pen? Did=20
you have an issue with those details being released on the national =
news=20
because I thought that was a good thing. It showed the public just how =
piss=20
poor a lock that junk was. I would however imagine the lock =
manufacturer has=20
an attitude similar to yours, that the information never should have =
been=20
released and I would imagine they would use the same bs arguments you =
are=20
using.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Consumers have a right to know the =
details of the=20
flaws found in consumer products. Be it a kids car seat, a bicycle =
lock,=20
software, a circuit breaker, their cars, whatever.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Geo.</FONT></DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; =
BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV>"Rich" <@> wrote in message <A=20
=
href=3D"news:42d82aee@w3.nls.net">news:42d82aee@w3.nls.net</A>...</DIV>
<DIV><FONT face=3DArial size=3D2> Do you really believe =
that your=20
doors and windows protect you from outright attack? If so you =
are=20
surely going to be sorry. You escape harm simply because you =
one=20
attacks you. Post instructions on how to do so and thereby =
lower the=20
threshold and you will increase the likelihood of attack. If =
someone=20
like eeye came to you and said that they would sell you protection =
and at=20
the same time provided attackers the information they need, how you =
would=20
feel about that extortion?</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2> Where do you get the =
idea that=20
detailed instructions are missing? Maybe the description isn't =
sufficient for you but I assure you that it is sufficient for =
others. =20
And this example, which I'm sure you picked because you thought it =
weak on=20
details, is not representitive. If you want to demonstrate =
that they=20
do not cause the great harm that they do you will need to show that =
they=20
never do this not that there exists a single instance where you =
thought they=20
did not.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Rich</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; =
BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV>"Geo" <<A =
href=3D"mailto:georger@nls.net">georger@nls.net</A>>=20
wrote in message <A=20
=
href=3D"news:42d822d0@w3.nls.net">news:42d822d0@w3.nls.net</A>...</DIV>
<DIV><FONT face=3DArial size=3D2>First off, if the security of my =
home was=20
compromised by a flaw in a consumer product I would fully support =
the=20
posting of the details of that flaw.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Second, the detailed exploit =
instructions are not there, only a flaw description is there and =
only that=20
description is what I and others want access to. I believe the =
attached is=20
the detailed exploit instructions and they are only for =
a DOS=20
not for the remote root exploit. Of course since you claim this is =
already=20
available to all of us at the eeye URL I linked to you =
shouldn't have=20
an issue with me posting it here, huh?</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Geo.</FONT></DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; =
BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV>"Rich" <@> wrote in message <A=20
=
href=3D"news:42d7d7c8@w3.nls.net">news:42d7d7c8@w3.nls.net</A>...</DIV>
<DIV><FONT face=3DArial size=3D2> Such =
bullshit. It's not=20
just that you are paranoid, you are being silly. Please =
post the=20
detailed instructions for anyone to break into your home and =
kill your=20
wife and family. You shouldn't keep this information =
exclusive to=20
you. Others may find this useful to protect =
themselves. If=20
it puts your family at risk, so what. "Information" like =
this=20
should be free for all.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2> As for the eeye =
press release=20
to which you refer, it sure does provide detailed =
instructions. It=20
may be that you don't recognize the terminology but it is there, =
specific, and detailed.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Rich</FONT></DIV>
<DIV><FONT face=3DArial=20
=
size=3D2></FONT> </DIV></BLOCKQUOTE></BLOCKQUOTE></BLOCKQUOTE></BLOC=
KQUOTE></BODY></HTML>
------=_NextPart_000_0112_01C58983.69B4B9E0--
--- BBBS/NT v4.01 Flag-5
* Origin: Barktopia BBS Site http://HarborWebs.com:8081 (1:379/45)
|