Jussi Laako firstname.lastname@example.org wrote:
Or are you just pissed off because you couldn't use that bug to exploit few systems?
...Just wondering why are you crying about common practice and hiding behind anonymity. (You aliases writing style just happens to be common to wanna-be crackers who think they are kEwL...)
I just want you to know that I think that is an entirely inappropriate comment. Many people prefer to protect their privacy and in many respects I think the 'net would be a much better place if more people did. Just because he does does not make him a cracker, nor does it invalidate his opinions (which I happen to share despite my not using an alias or being a cracker).
If a system is concerned about security, then they should take measures to follow bug lists and disable services as bugs are discovered to maintain it. If not, then they will likely not know about the fix when it is re- leased either, and their system will be open to attack anyway. I see no reason to withhold information from those who will use it for the sake of those who (most likely) will not---at least it puts the security folks and the crackers on (more) even footing.