[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian Investigation Report after Server Compromises

On Tue, 2003-12-02 at 19:12, Alex Malinovich wrote:
> I'm afraid I'm part of the group that just doesn't understand. This
> snippet reeks of security through obscurity for me. If the hole has been
> identified and, presumably, fixed, why not tell people about it?

Because there will be lots of people who haven't yet had the chance to
upgrade.  They won't thank us for making an exploit available to every 
would-be cracker.

-- 
Oliver Elphick                                Oliver.Elphick@lfix.co.uk
Isle of Wight, UK                             http://www.lfix.co.uk/oliver
GPG: 1024D/3E1D0C1C: CA12 09E0 E8D5 8870 5839  932A 614D 4C34 3E1D 0C1C
                 ========================================
     "For the mountains shall depart, and the hills be 
      removed; but my kindness shall not depart from thee, 
      neither shall the covenant of my peace be removed, 
      saith the LORD that hath mercy on thee."             
                                        Isaiah 54:10
Reply to: