Tag: Chris Wysopal

Google VulnSearch?

[This was originally published on the OSVDB blog.] Fall behind and someone will always beat you to the punch! Gadi Evron posted an entry over at Securiteam on the topic of using Google’s Codesearch to find vulns. Since he and others are writing about this, I don’t have to! However, i’ll post a few more…

October 7, 2006
No Exception for Symantec

[This was originally published on the OSVDB blog.] Symantec posted a message to Bugtraq earlier this month announcing the availability of a new advisory. The advisory presumably covers a vulnerability or issue in Symantec On-Demand Protection. If you are reading this blog entry a year from now, that is all you may find on it.…

August 10, 2006
Microsoft’s Responsible Vulnerability Disclosure, The New Non-Issue

[This was originally published on attrition.org] For almost a decade, a debate over the concept of Full Disclosure has reared its ugly head. Carried out on BBSs, newsgroups, security conferences, mail lists, parties, coffee shops and everywhere else, the Full Disclosure debate can be called “long standing” to say the least. As with everything in the computer…

November 10, 2001