Debian attacker may have used new exploit
kru_tch-FFYn/CNdgSA at public.gmane.org
Sat Dec 6 15:33:26 UTC 2003
On Wed, Dec 03, 2003 at 09:59:43AM -0500 or thereabouts, Robert Brockway wrote:
> On Wed, 3 Dec 2003, JoeHill wrote:
> > Again, facts and reality fly in the face of this argument. Hackers are
> > usually, if not always, aware of these vulnerabilities before the
> > security "establishment", and certainly before software designers can
> > come up with a
> Years in the security arena make me disagree with this statement.
> Most "Hackers" (I prefer the term Crackers but there you go) are
> script-kiddies. The number of Black Hats (people who are actually serious
> crackers in their own right) is, and has always been, very small. Far
> smaller than the security establishment.
> Most exploits discovered these days are found by those who launch a
> concerted effort to detect them. By sheer number and amount of effort
> most of the people who discover exploits are in the security establishment
> and are not Black Hats.
If you had followed the news of the Debian exploit, you would realize
that it was a kernel exploit that could only have been done by a very
experienced Black Hat. This was no script kiddie, and the Debian Project
takes security very seriously. The fact that the attack was discovered
within hours lends testament to that. I think you should probably be
directing your critique to the kernel developers, who thought that it
wasn't likely someone would use the bug to exploit systems. I guess they
were wrong, eh?
I'm just catching up on my reading, apologies if this is mentioned
further down the thread.
The Toronto Linux Users Group. Meetings: http://tlug.ss.org