Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Websites vulnerabilities disclosure
From: Stan Bubrouski <stan.bubrouski () gmail com>
Date: Fri, 7 Oct 2005 17:12:50 -0400

On 10/6/05, Georgi Guninski <guninski () guninski com> wrote:
On Thu, Oct 06, 2005 at 09:09:32AM +0400, offtopic wrote:
<snip> Which fird-party can't be user as coordinator, like CERT/CC?

i recommend you don't use coordinators - they are f*ck*d parasites.
think about what they will "coordinate" - probably selling your info.
cert* sux.

I really agree with this.  When you're a researcher who puts the time
in to discovering, exploiting, and sometimes fixing a vulnerability,
you've done the work, why let them steal the credit?

There are times when you find holes that you report to one of these
services because you have no time or motivation to do the research
yourself.  But if you want the credit for what you've done or even
feedback then writing up your own advisory or working on one with a
vendor is a much better solution.  After all, what do these services
offer that you can't do yourself?

Best Regards,
sb



--
where do you want bill gates to go today?


















_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]