I can't stand all these "security companies" that just throw out another vulnerability scanner that links to Bugtraq, scans named pipes, DCOM, etc and do pentests and call themselves accomplished firms. In fact, I don't really like the InfoSec community much at all. I saw a very interesting comparison once between the InfoSec community and the mafia. It went something like this:
1.) Mafia tells businessmen that they might be "in danger" (internet threat level).
2.) Mafia sends goons to "take care" of said businessmen" (release "proof-of-concept" exploits, thus releasing a shockwave of script-kiddies).
3.) Mafia gets its payment from the sucker businessmen (InfoSec firm gets hired to do pentest/fix holes/sells some bullshit product to companies).
It was longer than that, but you get the idea. I do agree with releasing exploits after a vendor patch has been released, but that isn't how it goes much of the time.
One more rant... this one on InfoSec.
Moderator: Forum Guards
5 posts
• Page 1 of 1
One more rant... this one on InfoSec.
by kBo » Sun Jul 02, 06 8:31 pm
"Phreaking doesn't exist. It's an abstract concept that is blindly supported by the collective consciousness of a flakey subculture. You saw nothing."
-
kBo
- Master
- Posts: 1698
- Joined: Wed Dec 24, 03 2:52 pm
- Location: North Carolina, USA
by DarkKnight » Sun Jul 02, 06 8:42 pm
To understand a bit of the madness behind releasing expliots, you have to understand the Microsoft/community relationship.
People have, in the past, given expliots to software companies without releaseing them. This enables the software company to fix the problem, and the person to be happy the bug is finally fixed.
However, Microsoft, the worlds biggest/most important software company deoes things differently. Even if handed an expliot, which they could patch in a day and have every one safe, they don't. Instead, only things that are considered a risk (aka, in the public domain) are fixed. The only way to get Microsoft to fix that nasty little bug, is to infact make it a nice big one.
This is in stark contrast to Linux, as you should know. The people find bugs, the bugs are fixed, every one is happy.
People have, in the past, given expliots to software companies without releaseing them. This enables the software company to fix the problem, and the person to be happy the bug is finally fixed.
However, Microsoft, the worlds biggest/most important software company deoes things differently. Even if handed an expliot, which they could patch in a day and have every one safe, they don't. Instead, only things that are considered a risk (aka, in the public domain) are fixed. The only way to get Microsoft to fix that nasty little bug, is to infact make it a nice big one.
This is in stark contrast to Linux, as you should know. The people find bugs, the bugs are fixed, every one is happy.
I'm a lover, that's why I do this posting.
I don't need the forum,
I do it to save you ignorant bastards from your self.
-
DarkKnight
- Forum Super Hero
- Posts: 4064
- Joined: Wed Dec 10, 03 10:01 am
- Location: Under the bridge.
by Alistair » Sun Jul 02, 06 8:58 pm
I like Microsoft, all their bugs and exploits that damages pc's make me money by fixing them 
-
Alistair
- Forum Hero
- Posts: 2575
- Joined: Sun Jan 30, 05 2:02 pm
- Location: England, UK
by DarkKnight » Sun Jul 02, 06 10:37 pm
Konami wrote:I like Microsoft, all their bugs and exploits that damages pc's make me money by fixing them
And it makes money for the people you rant about.
I'm a lover, that's why I do this posting.
I don't need the forum,
I do it to save you ignorant bastards from your self.
-
DarkKnight
- Forum Super Hero
- Posts: 4064
- Joined: Wed Dec 10, 03 10:01 am
- Location: Under the bridge.
by ~SanguineRose~ » Thu Jul 06, 06 1:07 am
See no evil, there is no evil.
~Security is but an illusion of the mind~
-
~SanguineRose~
- Wannabe
- Posts: 115
- Joined: Sun Dec 11, 05 5:58 am
- Location: 7th Layer, Hell
5 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 11 guests
Deus Ex Network
Deus Ex: Revision
