Russ Allbery <rra@stanford.edu> writes:
So why doesn't he? For the same reason I often eat out even though I'm a pretty good cook - I know how to do it, but my time can be better spent doing something creative. Re-coding exploits for well-known holes, for which a dozen explots already exists, is not creative.
Amen.
Russ hees and haws; just a couple of days ago he was whining how we shouldn't publish exploits because users should be forced to write their own exploits.
Russ clearly believes in "security by obscurity", so heinvents bogus arguments to waste everyone's time.
Russ does? There are some forms of "security via obscurity" that actually work or which have some benefit (hell, password systems are just security via obscurity at their core), but no, I don't believe in it as a general principle.
That's from the same bootlixcking Cabal lackey who was whining and begging me not to release my cancelbot. [rfc 1036 rewrite]
(The main purpose of the rewrite, by the way, is to incorporate some "anti-spam" language, and to remove the embarassing prohibition against forged cancels.)
Actually, the main purpose looks more to be to roll in a bunch of headers that had been in informal use, clarify a bunch of the language, resolve differences between the mail and news formats, and so forth. Brad's pushing hard for a variety of authentication measures, including an authenticated Path header, and X-Auth will likely be rolled in in some form.
Bullshit. I'm on the list, I see the traffic, and all the whining about "spam" coming from the wannabe content censors.
One Good Thing that might come out of masive attacks is the switch to IPv6.
Maybe. That'll be a really hard one to get going.
But it would actually make the net better in many ways. --- Dr.Dimitri Vulis KOTM Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps