full-disclosure-uk August 2008 archive
Main Archive Page > Month Archives  > full-disclosure-uk archives
full-disclosure-uk: Re: [Full-disclosure] Linus summarizes state

Re: [Full-disclosure] Linus summarizes state of the "security industry" with precision and accuracy.

From: Simon Valiquette <v.simon_at_nospam>
Date: Mon Aug 18 2008 - 20:50:38 GMT
To: Full Disclosure <full-disclosure@lists.grok.org.uk>


coderman un jour écrivit:
> ... hypothesis that "security researchers" are all masturbating monkey
> whores is now proven definitively. [0]
>
> """
> Too often, so-called "security" is split into two camps: one that
> believes in nondisclosure of problems by hiding knowledge until a bug
> is fixed, and one that "revels in exposing vendor security holes
> because they see that as just another proof that the vendors are
> corrupt and crap, which admittedly mostly are," Torvalds states.
>
> Torvalds went on to say he views both camps as "crazy."
>
> "Both camps are whoring themselves out for their own reasons, and both
> camps point fingers at each other as a way to cement their own reason
> for existence," Torvalds asserts.
> """
>
> 0. Torvalds Interview with Network World , 08/14/2008
> http://www.networkworld.com/news/2008/081408-torvalds-security-circus.html
>

   Isn't that quite old news? Not only the article doesn't offer anything new, but It also doesn't give the full picture and offer very little useful information compared to the real discussion.

   I did read the thread at this time, and there was many interesting ideas. If I happens to see an article that resume well the issues involved, I'll post a link, but I won't spend much time searching, so don't wait after me.

   By the way, Linus Torvalds is very well known to enjoy starting flames on purpose (he calls that "flamefesting"). This time, the troll was trown at OpenBSD, but It was too big to be taken seriously by them, so It is mostly the security people that reacted.

   I prefer the troll he launched last year when he basically said that Gnome is just a waste of time and than both users and developers should just give-up and move on to KDE, which would be a much better and productive use of their time. It was said in 2007 directly on some major Gnome mailing list, like his previous flames against Gnome. :o)

Simon Valiquette



Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/