[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] no more public exploits

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: Re: [Full-Disclosure] no more public exploits
From: list@xxxxxxxxx
Date: Wed, 28 Apr 2004 12:54:12 +0200

Hello,

johnny cyberpunk wrote:

this is an anouncement that i personally have no more intention to publish any further exploits to the public.

sad to read that. But it's your decision we have to accept, if we agree or not, if we like it or not.

too many flames from guys who are too lame to use the exploits or to fix offsets for other targets. too many risks that kiddies around the world use it for bad purposes.

I can understand the first, but not the second. In order to avoid kiddies to use your code, just release source code that is a little bit buggy - with some typos, for example. In contrast to pentesters, kiddies are usually not able to find and correct bugs in a source code, so the code will be useless for them.

i saw, that the original intention, to publish exploits, for pentesting or patch verifing purposes didn't work.

IMHO your intention to publish exploits *does* work. But: There will always be some people that use published exploits for, hmmm, let's say: other purposes. Did you really think that would never happen with yours? That's hard to believe.

> remember, that i speak just for me, not for the rest of the group.

I hope that others - not only in your group - will not follow your example.

GTi

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- [Full-Disclosure] no more public exploits
  - From: johnny cyberpunk

Prev by Date: RE: [Full-Disclosure] ezine
Next by Date: Re: AW: [Full-Disclosure] no more public exploits
Previous by thread: RE: [Full-Disclosure] no more public exploits
Next by thread: Re: [Full-Disclosure] no more public exploits
Index(es):
- Date
- Thread