Re: 0day: PDF pwns Windows
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--Apple-Mail-9--165001523
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed
On 25 Sep 2007, at 00:57, Lamont Granquist wrote:
> The exploit is not made public by its use. The exploit is not even
> made public by (back-channel) sharing amongst the hacker/cracker
> community. The exploit is only made public if detected or the
> vulnerability is disclosed. Until detected/disclosed the hacker/
> cracker can use their 31337 0day spl01tz to break into whichever
> vulnerable machines they like. 0day exploits are valuable because
> the opposition is ignorant of them.
>
> Posting exploits to BUGTRAQ, however, inherently makes them not
> 0day...
And my ignorant self thought until this thread that the "0" in the
term referred to the number of days of head start granted to the
vendor. Silly me. Because that would make all vulnerabilities
published without prior warning to the vendor a "0day"...
Roland (who seems to remember that this was once the meaning of this
term)
--Apple-Mail-9--165001523
content-type: application/pgp-signature; x-mac-type=70674453;
name=PGP.sig
content-description: This is a digitally signed message part
content-disposition: inline; filename=PGP.sig
content-transfer-encoding: 7bit
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (Darwin)
iD8DBQFG+UwvI4MWO8QIRP0RAnIDAJ9/vdM7MKsf4nSaWRFkU5CKjF0QZACcDwRp
AqhjKJOfM+5Rcf1GfJxy93s=
=9DaC
-----END PGP SIGNATURE-----
--Apple-Mail-9--165001523--
討論串 (同標題文章)
完整討論串 (本文為第 17 之 18 篇):