RE: [CVEPRI] Handling new vulnerabilities discovered by Steve Christey
>1. I think Steve shouldn't worry about what might happen by some people. If
>they trust CVE at all for anything, then by inference
There is no inference to make there. One is a public process and the other is not.
they must trust Steve
>since his work has largely been responsible for the realization of the CVE
>in the first place. If he gets picked on, tell us, we'll throw some good
>quotes your way...;-]
>2. I think Marcus is not alone in his feelings. I share many of them, and am
>too not thrilled that ego-gratification is often the only motivation
>(meaning that saving the world often does not even enter into a disclosure).
Who would give you any recognition then?
>While I'm well known as having the ego of several, or even dozens of folks,
>at least I'm deluded (publicly, privately comfortable) enough to
>consistently believe I'm trying to save the world.
So you do get gratification and pride from your work?
>I found it extremely entertaining that Pascal's examples are amongst the
>most popular TV game shows on American TV, thereby suggesting that there is
>no more pride in cracking puzzles than there is in answering trivia.
Wrong, and you must be close to breaking records for stuffing fallacies in one sentence. All you may be suggesting is that entertainment is popular (duh!). Pride is for the doer, not the watcher.
>fact that his only examples *are* game shows
Who said that the only examples I could give of things I despise were game shows? For crying out loud, don't put words in my mouth.
>would seem to imply his tacit
>approval in the marketability of security disclosure information...which in
>my book simply re-enforces Marcus' assertions.
Duck! More fallacies. If you think what I said is wrong, or you don't understand what I meant, please say so without turning this into an episode of Jerry Springer or an election debate. Without logical discourse we won't get anywhere.