On Wed, 2003-12-03 at 02:04, Paul Johnson wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Tue, Dec 02, 2003 at 09:41:15PM +0000, Oliver Elphick wrote: > > Because there will be lots of people who haven't yet had the chance to > > upgrade. They won't thank us for making an exploit available to every > > would-be cracker. > > Why should we cater to people who can't be bothered to help > themselves? Leaving readily compromisable systems out there does the > net a disservice.
Yes, it does do a dis-service. But, since when does it make it right to add exposure to Bank, Govt, Hospital (etc..) systems, when a delay in script-kiddie info would allow things to be fixed before it is common knowledge. Sure the Black-Hats already know... but there is little we can do about them. Script-kiddies on the other hand goto a few [EMAIL PROTECTED] 51735 (cracker sites) and D/L the tools and code to exploit... usually in 10 minutes from reading a list of possible candidates from the same sites... have already gotten in and made your credit-card their slave. Come on Paul, think in a common-sense approach, lately this whole (set) Debian Lists is becoming nothing more than a sounding board for Meta-Moderators... saying pooh-pooh to anyone on the dissenting side. Real life requires real thinking, smartly... that is why Debian Snobbians (myself included in that class) have a hard time dealing with people on a level playing field. -- [EMAIL PROTECTED] REMEMBER ED CURRY! http://www.iwethey.org/ed_curry
signature.asc
Description: This is a digitally signed message part
