Old Forums: wtf.
-
- Queen of All Spiders
- Posts: 4263
- Joined: 2008.09.29 (03:54)
- NUMA Profile: http://www.freeWoWgold.edu
- MBTI Type: ENFP
- Location: Quebec, Canada!
Loathes
-
- Secretariat Ain't Got Nuthin' On This Shit
- Posts: 521
- Joined: 2009.01.08 (05:03)
- NUMA Profile: http://nmaps.net/user/
- MBTI Type: ISTJ
- Location: Huntington, WV
This is why you don't fucking use fucking imageshack or fucking photobucket in the fucking administration of Goddamn forums.
Posts from the old forums: 11,194mintnut wrote:Oh my life, STRAP ON A PAIR! Get over it, make better maps, innit?
-
- dreams slip through our fingers like hott slut sexxx
- Posts: 3896
- Joined: 2009.01.14 (15:41)
- NUMA Profile: http://nmaps.net/user/Tunco123
- MBTI Type: INTJ
- Location: Istanbul
It's working quite well for me.
-
- Cowboy Magician
- Posts: 510
- Joined: 2008.09.23 (13:07)
- NUMA Profile: http://nmaps.net/user/wedgie123
- MBTI Type: ENTJ
- Location: Essex, England
Yeah i also just checked it and it seems fine for me. What does it matter anyway; we are on these forums now.
-
- Diagnosis Mohawk: Bahrain Cock Theory
- Posts: 1405
- Joined: 2008.09.23 (13:25)
- NUMA Profile: http://nmaps.net/user/spawn_of_yanni
- MBTI Type: ENFJ
- Location: Pittsburgh
feline disrespect from behind
-
- Cowboy Magician
- Posts: 510
- Joined: 2008.09.23 (13:07)
- NUMA Profile: http://nmaps.net/user/wedgie123
- MBTI Type: ENTJ
- Location: Essex, England
I'm struggling to understand what it is that these people are trying to do...
-
- Global Mod
- Posts: 1596
- Joined: 2008.09.26 (13:10)
- NUMA Profile: http://nmaps.net/user/gloomp
- MBTI Type: INTP
- Location: Troy, New York
- Contact:
Wooooooooow. This isn't why I always us Tinypic, but I'm damn glad I do now.
-
- La historia me absolverá
- Posts: 2228
- Joined: 2008.09.19 (14:27)
- NUMA Profile: http://nmaps.net/user/maestro
- MBTI Type: INTP
- Location: Beijing
- Contact:
Idiots.
M E A T N E T 1 9 9 2
-
- Demon Fisherman
- Posts: 1265
- Joined: 2008.09.19 (06:28)
- NUMA Profile: http://nmaps.net/user/
- MBTI Type: ENTP
Transparency of operation gets things done.
The only people to benefit from a lack of full disclosure are hackers who keep getting foiled by the usually-slow-to-follow defensive programmers.
The only people to benefit from a lack of full disclosure are hackers who keep getting foiled by the usually-slow-to-follow defensive programmers.
The Real N Sex on the Xerox Space Pimp Online Super Fluffy Pack 1! Super Fluffy Pack 2! Super Crunchy Pack! Mother Thumping Impossible: 2005 MotY! Time is on My Side: 2006 PMotY! Survival map king! Best humor award! Best satire award! Best voice award! Inadvertently intimidating! Assholier than thou! Gdubs is totally back! WIS 14! Cyberzone creator! Clique creator! Most lines on IRC! Ventrilo moderator and regular! Certified Dungeon Master! Most modest person ever! ENTP! Incorrigible alcoholic! CHA 19! AMERICAN! Least pretentious! Elitist extraordinaire! Liberal libertarian! Incapable of experiencing love! Check Safe! Commodore of the Eldritch Seas! Archmagus of the Eleventh Hall! Sheriff of the Uncharted West! Godfather of the IRC Mafia! Pun enthusiast! Quadster! Challenging Dunbar's number! Wikipedian!Approves of 4th Edition! 1,000 Blank White Cards! radio_free_tetris! Migratory! INT 18! Doesn't know when he's being genuine, therefore cannot form lasting relationships with people! Really into black chicks! Even more into Indian chicks and Blasians! Hates moderators! Loves the C word! Tronster! Thinks we should play more Worms! Always wins iSketch! Owns a Wii! Plays as Pikachu in Smash Bros! Wrote literotica! Wrote anime fanfic! Sorta into Asians! Lived and loved the 80's and 90's! Chattiest sig! Cyberzone ][ creator! Operand of the Greater Space Pimp Continuum! Helped lead the forum move!Wizard Date! Participated in the blue_tetris takeover! Pithiest one-liners! Walkin' on, walkin' on broken glass! Seems to have an invisible touch! Economist! Mario hackster! Owner of the most complex D&D campaign setting! Micromanagerial! FREEDOM is all-American! Slowly distancing! Supports the Democrats! Supports the old GOP! CATO Institute fanboy! Penn and Teller fan! Large, in charge, and on a barge! Heralded by community as genius hero! Proud yet humble recipient of the Mare & Raigan Award for 2008! CON 9! Dave of Nazareth! Communist is annoyed with me! Not half bad at images! F.Y.I. I am a medic! It's a spook house, lame ball. Too bad! Space Pimp II: Rags 2 Bitches! F.Y.I. I am a spy! Entire team is babbies! STR 10! Sorta appreciating scythe and atob again, for new reasons! Played CS:S briefly! Welcome to Nebraska! Do you think you can Live! Heist! Portrayer of the mighty 88 Shells! Joyous proprietor of the future estate of Kablizzy and blue_tetris! It's Batmen all the way up! They brought crystals to a sceince fight; that's a good way to lose your cat! Even SlappyMcGee! I'm about to run out of either primates or sexually transmitted diseases! One-upper! Toaster oven clairvoyant Mythomaniac! That's the Magic of Macy's! Half of Half! Spend all my time making love, all my love making time!
-
- Queen of All Spiders
- Posts: 4263
- Joined: 2008.09.29 (03:54)
- NUMA Profile: http://www.freeWoWgold.edu
- MBTI Type: ENFP
- Location: Quebec, Canada!
I dunno, I side with the anti-full-disclosure kids here. Telling you that there is a problem and that there is a means to fix it, here, is fine. Telling people how to exploit the problem (which is what they basically do, by full disclosure) means that everybody needs to get the latest x in order to block it, and those that don't? Well, they just became more susceptible.
Basically, initially, there are some hackers and some regular users who are unprotected. Some of those users will be hacked. Full disclosure means that there are going to be more "hackers" (scripters) and fewer regular users who are unprotected, which means that the population that does not want to pay for the latest fix are almost definitely going to be exploited. (Assuming it is something you need to pay for to fix, of course.)
Basically, initially, there are some hackers and some regular users who are unprotected. Some of those users will be hacked. Full disclosure means that there are going to be more "hackers" (scripters) and fewer regular users who are unprotected, which means that the population that does not want to pay for the latest fix are almost definitely going to be exploited. (Assuming it is something you need to pay for to fix, of course.)
Loathes
-
- La historia me absolverá
- Posts: 2228
- Joined: 2008.09.19 (14:27)
- NUMA Profile: http://nmaps.net/user/maestro
- MBTI Type: INTP
- Location: Beijing
- Contact:
Telling the developer about the vulnerability and giving them some time to fix it is preferable to immediately releasing details of the vulnerability to the public, but if the option of full disclosure isn't there at all—which would be the case if these guys successfully take down everyone who does publish these things—there's far less incentive for developers to fix the vulnerabilities at all, which is bad for everyone.
M E A T N E T 1 9 9 2
-
- Retrofuturist
- Posts: 3131
- Joined: 2008.09.19 (06:55)
- MBTI Type: ENTP
- Location: California, USA
- Contact:
Presumably, they'll be going after sites that try to stay bleeding-edge on reporting exploits?
I hope they're really good at what they do...
I hope they're really good at what they do...
[spoiler="you know i always joked that it would be scary as hell to run into DMX in a dark ally, but secretly when i say 'DMX' i really mean 'Tsukatu'." -kai]"... and when i say 'scary as hell' i really mean 'tight pink shirt'." -kai[/spoiler][/i]
-
- Radio Douchebag
- Posts: 1026
- Joined: 2009.04.29 (01:03)
- NUMA Profile: http://nmaps.net/user/Rhekatou
- Location: PAL
I cant see the goddamn photo
-
- Albany, New York
- Posts: 521
- Joined: 2008.09.28 (02:00)
- MBTI Type: INTJ
- Location: Inner SE Portland, OR
- Contact:
Anti-Sec is crap. Here's why:
1) Immediate disclosure is not the standard in the security. The standard is delayed disclosure, in which the manufacturer of the hardware/software and trusted security professionals are informed first. The public is informed a period of time after this which is set, but sufficient for manufacturers to correct the problem (often this is 30 days).
2) There is a reason that public disclosure exists. Manufacturers have shown an enormous tendency to deal with security issues by sweeping them under the rug. In short, if manufacturers are not forced to fix something, they won't. Public disclosure makes it in to a looming issue and gives the manufacturer a bad name, resulting in the manufacturer fixing the problem. Now manufacturers continue to try to obscure problems by blaming security professionals for finding the vulnerabilities, rather than themselves for the vulnerabilities existing. Anti-Sec seems to have wholly fallen for this ploy.
When security vulnerabilities are not publicly disclosed, they do not get fix. This has been clearly demonstrated by time. The current system of delayed disclosure is the best known way to ensure that security vulnerabilities are detected and corrected before they are exploited.
1) Immediate disclosure is not the standard in the security. The standard is delayed disclosure, in which the manufacturer of the hardware/software and trusted security professionals are informed first. The public is informed a period of time after this which is set, but sufficient for manufacturers to correct the problem (often this is 30 days).
2) There is a reason that public disclosure exists. Manufacturers have shown an enormous tendency to deal with security issues by sweeping them under the rug. In short, if manufacturers are not forced to fix something, they won't. Public disclosure makes it in to a looming issue and gives the manufacturer a bad name, resulting in the manufacturer fixing the problem. Now manufacturers continue to try to obscure problems by blaming security professionals for finding the vulnerabilities, rather than themselves for the vulnerabilities existing. Anti-Sec seems to have wholly fallen for this ploy.
When security vulnerabilities are not publicly disclosed, they do not get fix. This has been clearly demonstrated by time. The current system of delayed disclosure is the best known way to ensure that security vulnerabilities are detected and corrected before they are exploited.
-- I might be stupid, but that's a risk we're going to have to take. --
Website! Photography! Robots! Facebook!
The latest computers from Japan can also perform magical operations.
Website! Photography! Robots! Facebook!
The latest computers from Japan can also perform magical operations.
Who is online
Users browsing this forum: No registered users and 6 guests