Posted on 01/30/2006 10:21:08 AM PST by Salo
Can I provide a source---not without doing a lot of homework. Have serious studies been done---definitely. If I get a minute or three, I'll see what I can find.
He actually wrote a book about how to guard against social engineering attacks. Pretty good, IMHO.
The Art of Deception, or something like that.
Fixed it, since you don't know what the word "Asignee" means.
Oh its most defiantly hacking but its not at all technical. I think the attitude many system architects have about social engineering being not all that much of a worry causes huge problems for business..
keep in mind hacking is not really a negative term some people are paid good money for a blackbox hack by the people who want to secure their systems.
Except that patching is low hanging fruit..
Absolutely agreed. It's much harder to engineer people than devices though :-)
keep in mind hacking is not really a negative term some people are paid good money for a blackbox hack by the people who want to secure their systems.
Absolutely. I've done some of that myself against systems I'm responsible for. You really have to look at security from both sides in order to understand all sides of the issues.
If I wanted to make a name for myself in the hacking community, it seems the only way to impress them is by going after closed source.
LOL, who do you think you're trying to fool? Earlier today down at the bottom there was an entry from some guy that works for Haliburton, his entry was "web server crashing". They've since deleted it, but obviously that guy was not assigned that problem to correct.
Looking at the list closer, it's about ~99% people associated with apache.org. That's hardly a diverse set of good eyes.
Exactly. Imagine, if you will, a world in which people at apache are the ones assigned to fix the problems found and reported on bugzilla/apache.
Ssh--don't tell anyone, but the list of bugs over at Mozilla has (gasp!) mozilla people assigned to them!
The list you are looking at does not reference those people who are looking for the bugs--only those who are fixing the bugs.
Do you now understand what "Assignee" means?
So the guy from Haliburton yesterday was assigned to fix his "web server crashing" problem? Laughable.
What's laughable is that you're claiming something without proof--yet again.
Here it is, simply resort to include closed items. Look near the bottom, you'll see an entry from a guy working for Haliburton, issue is Windows 2000 Server Hanging. You're trying to tell me he was assigned to fix that? LMAO!
http://issues.apache.org/bugzilla/buglist.cgi?query_format=specific&order=relevance+desc&bug_status=__all__&product=&content=
You'll have to be more specific. I've search for "Haliburton", "Web Server", and looked through a few hundred bugs on that link you sent me. No hits.
Just tell me the bug number. I'll find it then.
Scroll to the bottom, then go up about 15 entries. Yesterday it was on the active page, assignee was the guy from Haliburton, which you're insisting meant he was supposed to fix it LOL. Funniest of all is it many if not most of these "bug reports" have nothing to do with looking over source code, which is why you referrenced it to begin with.
Nope--not there. You're dreaming again.
So the guy from Haliburton yesterday was assigned to fix his "web server crashing" problem? Laughable.
Yes. He was assigned to it because his "problem" wasn't a bug--it was a support issue. Assignees change as the issue becomes more known.
What you are seeing is the final resolution and the final responible party. Not the initial one.
Yes it is, and has been all along. Some people are just hopelessly inept.
http://issues.apache.org/bugzilla/show_bug.cgi?id=38463
I reported the listing to you yesterday, when it was still active. Yet you denied, insulted, attempted to define "assigned to", etc etc etc, all of which were wrong. You might as well admit it, you have no proof regarding the number of good eyes verses bad eyes, nor will you ever.
I have admitted I found the bug report. I still stand by what "assignee" means. The activity log of this bug backs me up.
Face it--you're arguing just for the sake of arguing, and with no experience in the system you're trying to denigrate. I've got actual experience with bugzilla, and I know what I'm talking about.
You, obvious to everyone reading this, do not.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.