Re: Month of Kernel Bugs and fsfuzzer release (0.6)

[Matt Hargett <matt () use net>]

On Monday 23 October 06 17:46, L.M.H. wrote:
> Usual disclaimer applies. If you sell or get money from a bug found
> with this tool, shame on you ;-). Also, most of the bugs you can
> actually find with it are already known, but it's always nice to hear
> about new details (and if you've ported it to some other platform,
> better). You're more than welcome to send them. They will be
> considered for release in the MoKB, crediting accordingly.

It is really great to see this kind of tool commoditized for use by all, and I 
really must commend you on it.  I would expect to start getting harassed and 
insulted by the people who rely on their private tools (and private patches 
to their "open" tools) as their perceived advantage to getting work. It 
sucks, but it's worth it to actually advance the state of things, I think.

On a side note, the bugreport (http://bugreport.sf.net) team should have a 
bunch of homospectacular analysis features done in time for Luis and I's 
classes at BlackHat Europe 2007 and RSA 2007. (No class slots available at 
BlackHat Federal, sorry!) And we'll actually release all the code and not 
hold back private patches that allow only us to find certain 0day -- 
promise! ;)

PS: I hope this email actually shows up on the list, unlike the last several 
that magically disappeared. It's almost like someone is censoring posts. 
Maybe I should just post them on my blog (http://wiki.yak.net/~pretention).


_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave