Home page logo

fulldisclosure logo Full Disclosure mailing list archives

RE: MSIE (mshtml.dll) OBJECT tag vulnerability
From: Michal Zalewski <lcamtuf () dione ids pl>
Date: Thu, 27 Apr 2006 00:21:02 +0200 (CEST)

On Wed, 26 Apr 2006 bruen () coldrain net wrote:

There aren't people out there looking to exploit the flaws in your car in
order to drive it where they want it to go. It's a lousy analogy.


Microsoft Internet Explorer is not a car. Were it a car, it still wouldn't
be yours more than it would be mine. "Disclosing a problem to the public"
is not "driving it off".

Depending on whether I compare finding vulnerabilities to nursing an
orphaned baby squirrel, or running over the elderly, I can appeal to
different emotions of the public. But that does not mean anything, and you
know this.

So, do tell, why are informed, computer-savvy people so desperate to make
inadequate, half-baked analogies to real life to "prove" their opinions?


Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]