27 Feb
2005
27 Feb
'05
12:10 a.m.
What are your favorite sources for realistic vulnerability warnings?
Don, you seem pretty well informed on potential risks. I find that the real difficulty is not in getting information, but in sorting the useful information from the chaff, FUD, and panic. Knowing that a potential back door for open code execution in a common utility has been publicised is a LOT more useful than knowing about an obscure potential for a buffer overflow that could knock out some obscure and rarely used service.