North American Network Operators Group


Re: AV/FW Adoption Studies

  • From: Paul G
  • Date: Thu Jun 10 15:04:40 2004


----- Original Message ----- 
From: "Eric Rescorla" <ekr@rtfm.com>


> Paul G <paul@rusko.us> wrote:
>
> > ----- Original Message ----- 
> > From: "Eric Rescorla" <ekr@rtfm.com>
> >
> > -- snip ---
> >
> > > If we assume that the black hats aren't vastly more
> > > capable than the white hats, then it seems reasonable to believe that
> > > the probability of the black hats having found any particular
> > > vulnerability is also relatively small.
> >
> > and yet, some of the most damaging vulns were kept secret for months before
> > they got leaked and published. i won't pretend to have the answer, but fact
> > remains fact.
>
> I don't think that this contradicts what I was saying.
>
> My hypothesis is that the sets of bugs independently found by white
> hats and black hats are basically disjoint. So, you'd definitely
> expect that there were bugs found by the black hats and then used as
> zero-days and eventually leaked to the white hats. So, what you
> describe above is pretty much what one would expect.

there is a fair chance that the same bug will be found if several people
audit the same piece of code, such as a very widespread, high profile piece
of software. in fact, i know of at least one serious bug that was discovered
independently by two different groups of people. in general, however, what
you are saying makes complete sense.

paul