Comments on: Exploiting Undercover Vulnerabilities http://spiresecurity.com/?p=36 Risk and Cybersecurity Analysis Wed, 21 Aug 2013 23:28:51 +0000 hourly 1 http://wordpress.org/?v=3.5.1 By: Anton Chuvakin http://spiresecurity.com/?p=36&cpage=1#comment-33 Anton Chuvakin Mon, 13 Jul 2009 19:32:57 +0000 http://spiresecurity.com/blog/?p=36#comment-33 BTW, Perfect “Pete-read”:

http://romeo.copyandpaste.info/txt/ats-policy.txt

“… After the five days have passed, we must conclude that the vendor has issued
some sort of hotfix or a patch to fix the security problem and now the HACKER
sends the bug information, the exploit to the COMMUNITY and possible a
patch too.

Now has security been increased? Do you really think that most of COMMUNITY.
ie: the people that read BUGTRAQ want to patch their servers? No! It is
script kiddies that are waiting for the latest warez, as soon as HACKER
releases this new bug to the COMMUNITY thousands of script kiddies with
little or no skill will start breaking into hundreds of thousands
of boxes and if this bug were genuine, they would! And belive me lots of
boxes would get destroyed.

Now, I ask.. is this a good thing you are doing by posting to the COMMUNITY
all logic says NO!”

]]>