> Worse than that, lets say they tell you a hurricane is coming, but
> don't tell you from where? Lets say that what you guess is a better
> location is a worse location?
I think this is a pretty poor analogy, but anyway....
The major problem I see with giving "authorized" people the insights to
vulnerabilities is there are a number of people wearing 2 hats. Valid
admin's working for a company, while at the same time trying to (personally
or professionally) break into a competitor.
Corporate espionage would come down to a race condition.
CERT sends out a warning.
Sysadmin at a site in NYC gets the warning at 8:00am EST.
He gets the specifics, and then turns around and breaks
into his competitors site on the west coast before they've
even had breakfast.
While I would love to know security problems out of both need and curiosity,
I'm glad the information is not readily accessible.
Murf
--
jam @
philabs .
philips .
com John A. Murphy (better known as Erin's dad)
345 Scarborough Road
Briarcliff Manor, NY 10510 One one-trillionith of a surprise: picaboo
(914)945-6216
Follow-Ups:
|
|
