Text 6099, 273 rader
Skriven 2005-07-16 12:48:06 av Geo (1:379/45)
Kommentar till text 6091 av Rich (1:379/45)
Ärende: Re: eeye's irresponsible self-serving behavior
======================================================
From: "Geo" <georger@nls.net>
This is a multi-part message in MIME format.
------=_NextPart_000_008D_01C58A04.9D405B30
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
and nobody cares when an employee of the manufacturer of the flawed = product
bitches about the people exposing the flaws. Eeye does not need = you to excuse
them.
Geo.
"Rich" <@> wrote in message news:42d88a08@w3.nls.net...
eeye's irresponsible self-serving actions are not excused by anyone =
else's actions good or bad, particularly when you make bad analogies.
Rich
"Geo" <georger@nls.net> wrote in message =
news:42d83d33$1@w3.nls.net...
eeye is not posting instructions on how to kill computer users, they =
are posting details of flaws in consumer product.
And I picked the SMB flaw as an example because it's the kind of =
flaw that's likely to be the next worm vector.
As for the question of eeye providing protection and at the same =
time providing details of a flaw, how did you feel about the details of = that
bicycle lock that could be opened with a ball point pen? Did you = have an
issue with those details being released on the national news = because I
thought that was a good thing. It showed the public just how = piss poor a lock
that junk was. I would however imagine the lock = manufacturer has an attitude
similar to yours, that the information = never should have been released and I
would imagine they would use the = same bs arguments you are using.
Consumers have a right to know the details of the flaws found in =
consumer products. Be it a kids car seat, a bicycle lock, software, a = circuit
breaker, their cars, whatever.
Geo.
"Rich" <@> wrote in message news:42d82aee@w3.nls.net...
Do you really believe that your doors and windows protect you =
from outright attack? If so you are surely going to be sorry. You = escape
harm simply because you one attacks you. Post instructions on = how to do so
and thereby lower the threshold and you will increase the = likelihood of
attack. If someone like eeye came to you and said that = they would sell you
protection and at the same time provided attackers = the information they need,
how you would feel about that extortion?
Where do you get the idea that detailed instructions are =
missing? Maybe the description isn't sufficient for you but I assure = you
that it is sufficient for others. And this example, which I'm sure = you
picked because you thought it weak on details, is not = representitive. If you
want to demonstrate that they do not cause the = great harm that they do you
will need to show that they never do this = not that there exists a single
instance where you thought they did not.
Rich
"Geo" <georger@nls.net> wrote in message =
news:42d822d0@w3.nls.net...
First off, if the security of my home was compromised by a flaw =
in a consumer product I would fully support the posting of the details = of
that flaw.
Second, the detailed exploit instructions are not there, only a =
flaw description is there and only that description is what I and others = want
access to. I believe the attached is the detailed exploit = instructions and
they are only for a DOS not for the remote root = exploit. Of course since you
claim this is already available to all of = us at the eeye URL I linked to you
shouldn't have an issue with me = posting it here, huh?
Geo.
"Rich" <@> wrote in message news:42d7d7c8@w3.nls.net...
Such bullshit. It's not just that you are paranoid, you =
are being silly. Please post the detailed instructions for anyone to = break
into your home and kill your wife and family. You shouldn't keep = this
information exclusive to you. Others may find this useful to = protect
themselves. If it puts your family at risk, so what. = "Information" like
this should be free for all.
As for the eeye press release to which you refer, it sure =
does provide detailed instructions. It may be that you don't recognize = the
terminology but it is there, specific, and detailed.
Rich
------=_NextPart_000_008D_01C58A04.9D405B30
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Diso-8859-1">
<META content=3D"MSHTML 6.00.2800.1505" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV><FONT face=3DArial size=3D2>and nobody cares when an employee of =
the=20
manufacturer of the flawed product bitches about the people exposing the =
flaws.=20
Eeye does not need you to excuse them.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Geo.</FONT></DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; =
BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV>"Rich" <@> wrote in message <A=20
=
href=3D"news:42d88a08@w3.nls.net">news:42d88a08@w3.nls.net</A>...</DIV>
<DIV><FONT face=3DArial size=3D2> eeye's irresponsible =
self-serving=20
actions are not excused by anyone else's actions good or bad, =
particularly=20
when you make bad analogies.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Rich</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; =
BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV>"Geo" <<A =
href=3D"mailto:georger@nls.net">georger@nls.net</A>>=20
wrote in message <A=20
=
href=3D"news:42d83d33$1@w3.nls.net">news:42d83d33$1@w3.nls.net</A>...</DI=
V>
<DIV><FONT face=3DArial size=3D2>eeye is not posting instructions on =
how to kill=20
computer users, they are posting details of flaws in consumer=20
product.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>And I picked the SMB flaw as an =
example because=20
it's the kind of flaw that's likely to be the next worm=20
vector.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>As for the question of eeye =
providing=20
protection and at the same time providing details of a flaw, how did =
you=20
feel about the details of that bicycle lock that could be opened =
with a ball=20
point pen? Did you have an issue with those details being released =
on the=20
national news because I thought that was a good thing. It showed the =
public=20
just how piss poor a lock that junk was. I would however imagine the =
lock=20
manufacturer has an attitude similar to yours, that the information =
never=20
should have been released and I would imagine they would use the =
same bs=20
arguments you are using.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Consumers have a right to know the =
details of=20
the flaws found in consumer products. Be it a kids car seat, a =
bicycle lock,=20
software, a circuit breaker, their cars, whatever.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Geo.</FONT></DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; =
BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV>"Rich" <@> wrote in message <A=20
=
href=3D"news:42d82aee@w3.nls.net">news:42d82aee@w3.nls.net</A>...</DIV>
<DIV><FONT face=3DArial size=3D2> Do you really =
believe that your=20
doors and windows protect you from outright attack? If so =
you are=20
surely going to be sorry. You escape harm simply because you =
one=20
attacks you. Post instructions on how to do so and thereby =
lower the=20
threshold and you will increase the likelihood of attack. If =
someone=20
like eeye came to you and said that they would sell you protection =
and at=20
the same time provided attackers the information they need, how =
you would=20
feel about that extortion?</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2> Where do you get the =
idea that=20
detailed instructions are missing? Maybe the description =
isn't=20
sufficient for you but I assure you that it is sufficient for=20
others. And this example, which I'm sure you picked because =
you=20
thought it weak on details, is not representitive. If you =
want to=20
demonstrate that they do not cause the great harm that they do you =
will=20
need to show that they never do this not that there exists a =
single=20
instance where you thought they did not.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Rich</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; =
BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV>"Geo" <<A =
href=3D"mailto:georger@nls.net">georger@nls.net</A>>=20
wrote in message <A=20
=
href=3D"news:42d822d0@w3.nls.net">news:42d822d0@w3.nls.net</A>...</DIV>
<DIV><FONT face=3DArial size=3D2>First off, if the security of =
my home was=20
compromised by a flaw in a consumer product I would fully =
support the=20
posting of the details of that flaw.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Second, the detailed =
exploit=20
instructions are not there, only a flaw description is there and =
only=20
that description is what I and others want access to. I believe =
the=20
attached is the detailed exploit instructions and they =
are=20
only for a DOS not for the remote root exploit. Of course since =
you=20
claim this is already available to all of us at the eeye =
URL I=20
linked to you shouldn't have an issue with me posting it here,=20
huh?</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Geo.</FONT></DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: =
5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV>"Rich" <@> wrote in message <A=20
=
href=3D"news:42d7d7c8@w3.nls.net">news:42d7d7c8@w3.nls.net</A>...</DIV>
<DIV><FONT face=3DArial size=3D2> Such =
bullshit. It's=20
not just that you are paranoid, you are being silly. =
Please post=20
the detailed instructions for anyone to break into your home =
and kill=20
your wife and family. You shouldn't keep this =
information=20
exclusive to you. Others may find this useful to protect =
themselves. If it puts your family at risk, so =
what. =20
"Information" like this should be free for all.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2> As for the eeye =
press=20
release to which you refer, it sure does provide detailed=20
instructions. It may be that you don't recognize the =
terminology=20
but it is there, specific, and detailed.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>Rich</FONT></DIV>
<DIV><FONT face=3DArial=20
=
size=3D2></FONT> </DIV></BLOCKQUOTE></BLOCKQUOTE></BLOCKQUOTE></BLOC=
KQUOTE></BLOCKQUOTE></BODY></HTML>
------=_NextPart_000_008D_01C58A04.9D405B30--
--- BBBS/NT v4.01 Flag-5
* Origin: Barktopia BBS Site http://HarborWebs.com:8081 (1:379/45)
|