[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] Security & Obscurity: First-time attacks and lawyer jokes
- To: Peter Swire <peter@xxxxxxxxxxxxxx>
- Subject: Re: [Full-Disclosure] Security & Obscurity: First-time attacks and lawyer jokes
- From: Georgi Guninski <guninski@xxxxxxxxxxxx>
- Date: Thu, 2 Sep 2004 22:26:22 +0300
On Thu, Sep 02, 2004 at 12:24:29PM -0400, Peter Swire wrote:
> ...... In talking
> with people who write software, however, I was repeatedly struck by
> their observation that it takes considerable hard work and expertise to
> find new vulnerabilities....................
darling,
you are missing the point.
i can't sing, but this does not make singing a hard (NP) problem.
what do you expect, the developers to say: "we are so fuckingly lame, so any
nonstandard kid from a third world country can fuck us hard"?.
for the sake of the argument, let's assume there are as low as 10^6 bugs in m$
warez. to take over the world (and in particular any target thereof) a kid
needs as low as 10^2 or even 10 or even 1 exploits.
any "real world" ('tm' of god) analogies?
--
It's better to be a pirate than join the navy. -- steve jobs
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html