Hokay, my $.02, and I'll shut up so that maybe, just MAYBE, we can get back to discussing bugs (My /dev/tcp question would be a GREAT one to discuss. Any takers?)

On the side of people who would like security through obscurity, their biggest complaint is invariably that as soon as 8lgm (or whoever) posts how to break bug XXX, they immediately get many attacks on their systems, etc. Okay, sounds fair.

On the side of people who like full disclosure (for the record, that group includes myself), our biggest complaint about obscurity is that not only do we not know what a bug is, but we have no way to check to see if bug X exists on Y systems (especially true for those of us running bastardized OSs). Add this to the fact that even if we don't know about a bug, the underground DOES -- This is pretty much an undisputed fact.

I think there can be a happy median here. I think the BIGGEST complaint overall with 8lgm (and I'll admit, even /I/ have grumbled a time or two) is that 8lgm's messages (until recently) all contained 'plug and go' exploit scripts that ANY moron could save to a file and execute -- This is going a bit above and beyond the call of duty, IMHO -- Especially considering that it's not always thoroughly clear by looking at the exploit scripts what the bug really IS.

Why doesn't 8lgm, instead of posting exploit scripts, post DETAILED KNOWLEDGE of the bug, including source snippets if they can, so that those of us that are capable can diagnose our own systems, work around bugs (etc), while the average joe-on-the-street doesn't just have a plug-and-go attack on a system? Any hacker with the ability to turn bug details into an exploit script probably already knows about the bugs anyhow.

Well, this is just my $.02. I think if 8lgm continues the way they're going (with things like their SCO 'login' problem -- Which basically said "There's a bug, no fix and no workaround, so nyah"), I'd rather just see them go away.
I echo Pat's comments (I think that was Pat) about only needing one CERT. -WW