Shostack + Friends Blog Archive


Where's the Evidence?

Tom Ptacek offers up unsubstantiated rumors, and Lindstrom caves? Shoot. I did my chrooting DNS work when a customer’s DNS servers came under attack. Can I get beer without naming the customer? I thought Pete was demanding full details.

None of the attacks I saw used are less than five years old.

More seriously, I believe Tom, but if I were doubting Thomas (sorry) I’d argue that he’s offered no way to confirm that a system was compromised based on an unpublished attack.

One comment on "Where's the Evidence?"

  • Pete says:

    I have no reason to question your integrity, at least once we get to specific details and ensure I am clearly stating what I am looking for 😉 It is simply a matter of identifying the VULNERABILITY, however – you mentioned attacks in the post.
    (Plus, I am actually easy when it comes to getting me to buy you beer, so you are welcome in Chicago.)

Comments are closed.