On 11/25/06 9:53 AM, "Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]" <sbradcpa@xxxxxxxxxxx> opined: > However, one cannot merely jump from the fact that Mr. Litchfield is > beyond reproach to make his mere opinions into facts. > > Expert witnesses are bound by the "Daubert test" these days (gotta love > it when even the wikipedia has a link > http://en.wikipedia.org/wiki/Daubert_Standard ) <Snip> > In databases, probably the most common and public security event > affecting the database security world, I would argue, was SQL slammer, > an incident that had a patch available ahead of time. And of course, the vulnerability SQLSlammer leveraged was discovered by David. It was his "mere opinion" that it was best to wait for Microsoft to release the patch before he published any details that saved countless installations from exploitation. It was his "mere opinion" regarding the propensity of worm activity that prompted immediate action on the part of administrators to patch their systems. And when he was too ill to attend the Singapore Blackhat conference, it was his "mere opinion" that the vulnerability was so critical, and so important to get patched, that he entrusted me with his personal materials so that I could give the lecture in his stead. He was, of course, precisely correct on all counts. I've known Dave for years now... Stick by your "Daubert test," and be as pedantic as you wish regarding what constitutes "fact" and "opinion." But for me, when it comes to David Litchfield and computer security, they are the same thing. If people choose to discount Dave's contributions because they are "mere opinion" then it is MY opinion that they do so at great risk. t
