6 Mar
2000
6 Mar
'00
00:50
On Mon, 6 Mar 2000, Jussi Laako wrote:
I'm viewing it from statistical point of view. Let's say that 10 crackers know about the vulnerability (if we don't announce it to whole world), it's not very likely that YOUR system gets hacked. But if we announce it, then about 1000 or 10000 crackers will know about it. Now it's much more likely that YOUR system gets hacked?
Just an observation, but if 10 crackers know of a vulnerability then pretty soon it will be on a web site somewhere and the 1000, 10000 or 100000 will be just around the corner. They certainly wont feel any need to be discrete about it. It is certainly something that needs to be kept in mind when formulating a bug alert policy..
8807
Age (days ago)
8807
Last active (days ago)
0 comments
1 participants
participants (1)
-
Paxton, Michael