Pages: [1] :: one page |
|
Author |
Thread Statistics | Show CCP posts - 0 post(s) |
Somatic Neuron
|
Posted - 2008.06.05 14:02:00 -
[1]
There should be a list of known exploits that have been acknowledged by CCP. I know that I have been a victim and an unintentional exploiter in the past on various accounts. Having a list of exploits, as well as their effects (so we can see if we have been a victim of them) should be listed as soon as they are acknowledged. The method to reproduce them should be listed as soon as they are fixed, so that when the next code branch comes out and the exploit is reintroduced because it wasn't patched to other code branches, they will be caught and reported earlier by the playerbase, instead of merely being exploited again by the same people who found the exploit to begin with. ---------- |
Somatic Neuron
|
Posted - 2008.06.05 14:02:00 -
[2]
I support this one too ---------- |
Somatic Neuron
|
Posted - 2008.06.05 14:02:00 -
[3]
There should be a list of known exploits that have been acknowledged by CCP. I know that I have been a victim and an unintentional exploiter in the past on various accounts. Having a list of exploits, as well as their effects (so we can see if we have been a victim of them) should be listed as soon as they are acknowledged. The method to reproduce them should be listed as soon as they are fixed, so that when the next code branch comes out and the exploit is reintroduced because it wasn't patched to other code branches, they will be caught and reported earlier by the playerbase, instead of merely being exploited again by the same people who found the exploit to begin with. ---------- |
Somatic Neuron
|
Posted - 2008.06.05 14:02:00 -
[4]
I support this one too ---------- |
Skogen Gump
|
Posted - 2008.06.05 15:45:00 -
[5]
I disagree - Publishing full details of previous exploits can often give people the understanding of your internal structures, potentially your DB schema and any other sort of information that can be gleaned from reading-between-the-lines.
This just opens the doors to all sorts of trouble
|
Skogen Gump
|
Posted - 2008.06.05 15:45:00 -
[6]
I disagree - Publishing full details of previous exploits can often give people the understanding of your internal structures, potentially your DB schema and any other sort of information that can be gleaned from reading-between-the-lines.
This just opens the doors to all sorts of trouble
|
Somatic Neuron
|
Posted - 2008.06.05 17:09:00 -
[7]
Originally by: Skogen Gump I disagree - Publishing full details of previous exploits can often give people the understanding of your internal structures, potentially your DB schema and any other sort of information that can be gleaned from reading-between-the-lines.
This just opens the doors to all sorts of trouble
The people that are finding the exploits to begin with don't seem to have any trouble finding them without that knowledge. The more knowledge that is out there, the more secure things will become as a result. ---------- |
Rooker
Lysian Enterprises
|
Posted - 2008.06.05 17:53:00 -
[8]
/signed, because security by obscurity causes more security problems than it hides.
-- Let Us Avoid Systems Via Autopilot |
Inanna Zuni
The Causality Electus Matari
|
Posted - 2008.06.05 18:03:00 -
[9]
In one aspect this is the "Open Source is good" argument, in that by knowing what went wrong you can ensure it shouldn't go wrong again the same way. Thing is EVE is proprietary and to make too much detail available would be more likely to make "other ne'er-do-wells" search for things they could take advantage of.
I don't, therefore, feel that this is a sensible idea, however making available additional information about an exploit which has been closed so that you don't accidentally appear to be trying that style of exploit in the future could, in some circumstances, be beneficial to 'normal' pilots. Maybe.
IZ
My principles |
Sovereign533
Anoint
|
Posted - 2008.06.05 18:31:00 -
[10]
i also disagree. not all exploits that CCP discoveres are found by players. there were some exploits that never been used, but were fixed anyway (before someone would find out). giving information over these unfound exploits is not smart.
|
|
Ethaet
Aliastra
|
Posted - 2008.06.05 21:21:00 -
[11]
Originally by: Skogen Gump I disagree - Publishing full details of previous exploits can often give people the understanding of your internal structures, potentially your DB schema and any other sort of information that can be gleaned from reading-between-the-lines.
This just opens the doors to all sorts of trouble
This.
Everyone will go 'oh look exploits! I never knew that one. brb, exploiting' -------------------------------------------------------------- Seriously, we need some kind of separation between the post and signature. There you go. Now that wasn't so hard |
|
|
|
Pages: [1] :: one page |
First page | Previous page | Next page | Last page |