Re: Security through obscurity, etc.

Jason Matthews (jason@dickory.sdsu.edu)
Mon, 12 Dec 1994 22:47:53 -0800 (PST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Paul 'Shag' Walmsley: "Re: this is interesting..."
Previous message: Mark: "Re: this is interesting..."
In reply to: jsz: "Re: Security through obscurity, etc."
Next in thread: jsz: "Re: Security through obscurity, etc."

On Tue, 13 Dec 1994, jsz wrote:

> CERT consists of beaurocrats; 8lgm of posers -- what's a difference, 
> after all?

8lgm does not pretend to be god's gift to the net.

> 
> At least you can't use CERT's advisory to crack root on a site, and wipe
> out important files; 8lgm's advisories were, and in fact are being used
> for those purposes as well.

I am sure this has been said by doozens of people but:
If you restrict exploits to the script hackers then only the script hackers
will know what they are. In turn, organizations like CERT will not know 
what they are until some time after the release; when the effects can be 
exaimed second hand.

Pick your posion.

Jason

----------------------------------------------------------------------------
jason@dickory.sdsu.edu			  San Diego State University
jason@mentor.sdsu.edu   		    College of Engineering
jason@BOOM.extern.ucsd.edu               Electrical*Computer Engineering 
----------------------------------------------------------------------------

Next message: Paul 'Shag' Walmsley: "Re: this is interesting..."
Previous message: Mark: "Re: this is interesting..."
In reply to: jsz: "Re: Security through obscurity, etc."
Next in thread: jsz: "Re: Security through obscurity, etc."