Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

Re: defining 0day
From: "Brian Loe" <knobdy () gmail com>
Date: Tue, 25 Sep 2007 15:15:28 -0500
On 9/25/07, Gadi Evron <ge () linuxbox org> wrote:


No longer good enough.

We can get a press scare over a public vuln release, or a wake-up call.

I think we can do better as an industry.



Who, then, rewrites all of the reference material? And doesn't any new
definition simply become definition number 2 in Webster?

Is it really the definition that is lacking or is the use of the word
at issue? Seems to me, from the beginning of this debate, that its the
usage. Far easier to reform the "zero day process" (disclosure, etc.)
than to redefine the term "zero day". The term is owned by the public,
the process is owned by those who follow it, the industry.

Couldn't a formal process be developed that does the defining/labeling
of a particular disclosure?

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]