@Random_Walk Then why didn't he wait 60 days? And why did he not just warn of the exploit's existence, as opposed to giving full details on how to implement the exploit, including source code!
For the first time ever, I tend to agree with Loverock, apart from the bit about "And because of him exploits were created shortly after."
There Ryan has the upper hand. There isn't anything to say that others weren't working on it as well, others might have eventually come up with the same exploit. That said, Tavis was a complete berk for releasing the source code and detailed description.
It is one thing giving administrators and security experts enough information to arm themselves against possible attack, but it is totally irresponsible to put the exploit code out into the wild!
Discussion on:
Message 14 of 1
The best of ZDNet, delivered
ZDNet Newsletters
Get the best of ZDNet delivered straight to your inbox
