Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: defining 0day
From: n3td3v <xploitable () gmail com>
Date: Sun, 20 Apr 2008 01:27:39 +0100

On Sun, Apr 20, 2008 at 1:10 AM, coderman <coderman () gmail com> wrote:
On Sat, Apr 19, 2008 at 5:02 PM, n3td3v <xploitable () gmail com> wrote:
 > ...

 It doesn't matter how old it is, as long as no patch is available, it
 >  will always come out of no where and pwn your ass.

 again you show your ignorance.

No, you show yours by only reading the first sentence of my e-mail and
cutting the rest out which explained it all to you.

 if you are aware of the risk, there are a multitude of mitigations,
 outside of official vendor patches.

But from the computers point of view it doesn't care, if the
vulnerability is not patched by the official vendor then its still a

 if you are aware of the vulnerability, it is no longer 0day.

As I said in previous e-mail, *you* being aware doesn't matter to the
term 0-day, because its a reference to a threat level to a computer,
not the human mind and how many days ago the human became aware.

Its purely a mechanical term for the computer, not anything to do with
what humans think.

A computer doesn't count how many days ago, it counts in 0 and 1's, so
it doesn't count the days inbetween, to the computer there is only
0-day then patched is 1, thats what the reference is all about.



Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]