再保险:[CVEPRI]处理由史蒂夫istey从而向发现新的漏洞

>从:“aleph1@SECURITYFOCUS。COM”(mailto: aleph1@SECURITYFOCUS.COM>我认为我们都同意。有些人就是没有把> >是否不存在任何漏洞的修复他们>报告。但迄今>只选择了任何人来遏制这种行为>会扔掉>婴儿和洗澡水一起倒掉。他们将寒意>漏洞信息的披露,和我知道的大多数人发现>是在错误的方向迈出的一步。在这里,我们的意见一致。我担心的是,除非这种行为在某种方式限制,那么政府将遏制它,这将是一个真正的混乱。治疗比疾病本身更糟糕。>的确没有完美的制度,没有。然而,学术界也不管> >成功的缺点。所以我几乎没有看到它破坏了我的观点。 The point is that if academia were less concerned about who gets credit, they would get more work done. People accomplish more in collaboration than they do alone. Similarly, this concern with credit in our arena interferes with getting work done. > Maybe my grasp on the language is off. The Cambridge > dictionary defines ego as > "your idea or opinion of yourself, or a great feeling of your > own importance > and ability". So how you could feel good about what you do > and not have > an inflated ego escapes me. It isn't a grasp of the language, simply different connotations. To me, ego is something which refers to an individual self, and seperates one from the world. This seperation leads to seeing things not as they are, but through some measure of illusion. Illusion is something to be overcome. Ego is also sometimes considered an inflated opinion of oneself, and as such represents a sort of pride, which is generally thought to be counter-productive in many ways of thinking. So knowing that you are taking correct actions with correct motivations is one thing, but excessive pride in oneself is another. Again, I'm going off on philosophy and perhaps we should take it up next time we share some good beers. > Huh? Marcus said that vulnerability information has no tangible value. No he didn't. He said that NFR had tangible value, not that the vuln info didn't. > I was not chastising Marcus for not paying for the information. I was > pointing out that it has value as his own product, for which > people pay tangible, money depends on it. Without the vulnerability > information his product would not be worth as much. Ergo the > information has value. OK - we're talking past one another here. I'd have agreed if I had understood earlier.