Ooooh, morally reprehensible :-)

by Anton Chuvakin

Related link: http://blog.ncircle.com/archives/2005/05/trafficking_in.htm



I love to read every single debate about vulnerability disclosure, since they can get soooo fierce so that it becomes funny. Here is one latest shot: "People who traffic in non-public exploits are morally reprehensible.". Are they, really? What is they are just making a living?

I don't want to take sides in this one (may be hazardous to one's health), but read up this argument written by an employee of a vulnerability scanner vendor. I can see how it can lead him to refer to people who profit from their legitimate technical skills as "pimping knowledge" ...

3 Comments

bsonne
2005-05-13 09:50:24
Oh Man
I was really talking about being open with knowledge and sharing it with everyone. Honestly, I'm surprised the umbrage people have taken with that particular issue. One can earn a living from legitimate technical skills while still putting their knowledge into the public domain.


'Reprehensible' is meant as 'deserving of moral rebuke'. That's all. In no way am I casting dispersions on peoples skills. But if you hoard knowledge, I think that's lame.

anton_chuvakin
2005-05-13 10:46:49
Oh Man
Well, I was not really against what you said. I was merely questioning such a dramatic position. People can choose to share knowledge, they can choose to sell it and, I suspect, they can hoard it. I was just saying that IMHO it has nothing to do with morality...
bsonne
2005-05-13 10:50:45
Oh Man
Fair enough. Perhaps it's because I define it as part of my moral code that I feel so strongly about it.