[development] Re: [support] Drupal 4.6.6/4.5.8 security releases

Darrel O'Pry dopry at thing.net
Tue Mar 14 16:03:15 UTC 2006


On Tue, 2006-03-14 at 09:12 +0100, Dries Buytaert wrote:

> are PUBLIC.  Script kiddies can subscribe to the e-mail notifications  
> as well.  Chances are that they receive their e-mail notifications  
> before you do.  The mailing list is a publicly accessible  
> notification mechanism, not an exclusive service.

I hope no one took my script kiddie non-sense seriously. There is no
real defense against a true 0-day hacker, except proactive security
audits. Script kiddies normally take a while to figure out how to
implement their exploits, and how they can effectively be used. 5
minutes - 1 week probably won't kill you.

.darrel.



More information about the development mailing list