Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Project Chroma: A color code for the state ofcyber security

From: Ureleet <ureleet () gmail com>
Date: Fri, 5 Dec 2008 08:32:44 -0500
i think that color rating is pretty much retarded w/out sumthing 2
back it up.  if there is a reason to raise it, then fine, but keeping
the color at 2 (iss) or yellow (symantec) all the time doesnt do
anything.  its like the homeland security colors in teh united states.
 if its at yellow all the time, yellow becomes teh new green.

On Thu, Dec 4, 2008 at 11:10 PM, n3td3v <xploitable () gmail com> wrote:

On Fri, Dec 5, 2008 at 3:59 AM,  <Valdis.Kletnieks () vt edu> wrote:

On Fri, 05 Dec 2008 03:48:49 GMT, you said:


answer that on this list? A sweeping guess would be red for danger,


No, if you sell security products, you *dont* want it to be red, because
that gives the impression that your already-deployed sales aren't doing
a good enough job of stopping the badness.

"It's RED, buy our product."
"Why? If your product actually *worked*, why should it be RED?"



I'm coming to the conclusion that most folks benefit from it being at
a moderate level, between green and amber. They can flick it between
the two and not get into too much trouble, while keeping observers
stimulated with interest?

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: