excite/ZDNet: Silence the best security policyJul 27, 2000, 21:41 (16 Talkback[s])
(Other stories by Robert Lemos)
"Well-meaning hackers are creating an army of "script kiddies" by making security holes public, says a speaker at the Black Hat Security Conference."
"Long controversial, the policy of disclosing software vulnerabilities to the public was subject to open attack in a Wednesday keynote at the Black Hat Security Conference."
"Marcus Ranum, chief technology officer for intrusion detection software maker Network Flight Recorder Inc., used hard language to say that security can't be improved unless "gray hat" hackers stop disclosing security holes to the public and stop creating tools for so-called "script kiddies" to exploit the holes."
"Full disclosure is creating armies and armies of script kiddies," said Ranum, who called the creators of hacking tools "weapons dealers" who aren't really concerned with security."