Month: April 2000

Full Disclosure – Effective or Excuse?

[This was originally published on attrition.org.] A comprehensive look at the practice of Full Disclosure, problems associated with it for vendors and security companies, and examples of full disclosure put to the test. (3300 words) The world of computer security has developed a wicked game of politically correct ‘cat and mouse’. This game is played…

April 27, 2000
Overlooking the Obvious Database

This was originally published on Synthesis.net, but is 404 now. While archive.org was able to get a snapshot, the text colors are off so you only see hyperlinks unless you select all text on the page. Brad Chester recently moved two doors down from you. Taking residence in a nice three bedroom house, his landscaping…

April 1, 2000
Ex-Game: (Untitled)

[This was the second article I did for Ex-Game magazine (print mag in Japan). It was titled as my name and labeled “Original Document”. It was subsequently mirrored on attrition.org.] In the past few years, Japan has seen very few incidents of web sites being defaced. From 1995 to January of 2000, there were only…

April 1, 2000