[Dailydave] Speculation

[Marc Maiffret]

The debate always just boils down to people's opinions on whether or not the
"bad guys" would have figured it out with or without help from a
conversation on a list like dailydave.

I am not sure anyone is ever wrong or right about this as your opinion only
becomes valid or invalid not depending on what you do but rather what they
do. If someone starts exploiting this DNS flaw tomorrow and it has nothing
to do with any of the conversation here and places get owned then maybe we
were all not talking or doing enough. However, if everyone is owned tomorrow
and it is related to something said here, well then whoever said it will
undoubtedly be angrily blogged about by all sorts.

Really it is a sad reminder that the current state of the art when it comes
to security and the resiliency of our systems has a lot to do with making
sure the good guys only talk about things behind closed doors while hoping
that bad guys don't figure things out before we can patch.

I am happy that lists like Dailydave exist and that there are plenty of
people here who are open to discussing things regardless of mistaken
political correctness.
 
Marc Maiffret
Invenio Security
Security Services & Training
http://www.inveniosecurity.com

> -----Original Message-----
> From: dailydave-bounces at lists.immunitysec.com [mailto:dailydave-
> bounces at lists.immunitysec.com] On Behalf Of Halvar Flake
> Sent: Thursday, July 17, 2008 2:09 PM
> To: dailydave at lists.immunityinc.com
> Subject: [Dailydave] Speculation
> 
> Hey all,
> 
> one question that I forgot: Was it OK to speculate about the DNS
> problem, or is that considered irresponsible, too ?
> 
> Cheers,
> Halvar
> _______________________________________________
> Dailydave mailing list
> Dailydave at lists.immunitysec.com
> http://lists.immunitysec.com/mailman/listinfo/dailydave