Talk:Przemysław Frasunek: Difference between revisions
re |
|||
Line 44: | Line 44: | ||
::::::: Because the link you provided credits somebody else with the discovery of the vulnerability. [[User:tqbf|<font color="black" face="courier">--- tqbf</font>]] 21:30, 17 January 2008 (UTC) |
::::::: Because the link you provided credits somebody else with the discovery of the vulnerability. [[User:tqbf|<font color="black" face="courier">--- tqbf</font>]] 21:30, 17 January 2008 (UTC) |
||
:::::::: AS Vulnerability and an exploit are two different things. [[User:Adom11|Adom11]] ([[User talk:Adom11|talk]]) 21:42, 17 January 2008 (UTC) |
|||
: I dispute that the cite to "economy-point.org" is reliable: there is no evidence of editorial oversight, and the content is badly machine-translated. [[User:tqbf|<font color="black" face="courier">--- tqbf</font>]] 19:47, 17 January 2008 (UTC) |
: I dispute that the cite to "economy-point.org" is reliable: there is no evidence of editorial oversight, and the content is badly machine-translated. [[User:tqbf|<font color="black" face="courier">--- tqbf</font>]] 19:47, 17 January 2008 (UTC) |
Revision as of 21:42, 17 January 2008
Notability of vulnerabilities
First, are you Przemysław Frasunek?
- No, I'm not. Adom11 (talk) 19:58, 17 January 2008 (UTC)
- I put my contact data on the user page, so it could help verifying my intentions. Adom11 (talk) 21:09, 17 January 2008 (UTC)
Second, you need to provide a reference to a reliable source that says the vulnerability was actually notable. In the same time period, I see plenty of press hits for WU-FTPD vulns, but none of them appear to be this one.
Third, you need to verify that Przemysław Frasunek actually found the vulnerability. The Bugtraq post linked from the CVE post credits tf8, and only offers a "shout-out" to "venglin".
- [1] & [2], CVE links to both. Adom11 (talk) 19:58, 17 January 2008 (UTC)
- The first link you provided explicitly says he did not discover that vulnerability. I'm striking it from the article. --- tqbf 20:34, 17 January 2008 (UTC)
Thank you for not simply restoring the entire list of vulnerabilities, but if we can't provide actual references that establish your notability, I'm going to propose the article be deleted. Plenty of people have found major vulnerabilities, and yet have not been written about in sufficient detail to merit a Wikipedia article.
- I understand your point of view, although IMO discovery of the exploitation technique for one of the most known form of software vulnerability (format string attack) is quite enough to be noted on wikipedia. See articles on Robert Tappan Morris or Michal Zalewski. Adom11 (talk) 19:58, 17 January 2008 (UTC)
- I'm a total skeptic on vuln researchers of marginal notability being on WP; we lack articles for hugely respected researchers, for what I think is good reason. You're not a skeptic. I can be convinced that this isn't an AfD candidate --- but if I feel like "delete" will win when you're done, I'm sending it there. --- tqbf 20:13, 17 January 2008 (UTC)
- Also --- nothing you've provided verifies that this person "discovered the exploit technique" for format string attacks, and I tend to doubt that's true. --- tqbf 20:14, 17 January 2008 (UTC)
- Your user page suggests you're interested in a computer security, so why not helping me with verifying the article theses (or proving it wrong) using bugtraq or securityfocus archives (or any other well-known source)? It sould be easy, huh :)? Adom11 (talk) 20:30, 17 January 2008 (UTC)
- "Discoverer of how to exploit format string vulnerabilities" is an extraordinary claim. The burden is not on me to verify it. --- tqbf 20:33, 17 January 2008 (UTC)
- Ok, what about current state of the article? Adom11 (talk) 21:05, 17 January 2008 (UTC)
--- tqbf 14:59, 17 January 2008 (UTC)
- I can't evaluate the first cite; it's not in English. This is the English Wikipedia.
- http://www.diva-portal.org/diva/getDocument?urn_nbn_se_liu_diva-7866-1__fulltext.pdf? We usually don't delete sources on quantum mechanics, because taxi driver cannot understand it. There are people fluent in the language of the document, so let them verify it. Many wikipedias refer to sources in other languages (esp. english), I don't see a reason why not let it here. What about marking it with a flag or with some other language descriptor? Adom11 (talk) 20:05, 17 January 2008 (UTC)
- No, but you might delete a source on quantum mechanics if a physicist couldn't verify it. I'm not anonymous; check out my user page, and Google. --- tqbf 20:13, 17 January 2008 (UTC)
- So, please, translate the article, and on the basis of your knowledge save it or delete the link. Adom11 (talk) 20:30, 17 January 2008 (UTC)
- I can't translate the article, but given context about where the article was published, who wrote it, and what it says, I can evaluate whether it establishes notability for this researcher. Note that the other examples you gave --- Zalewski and RTM --- are "famous", having appeared regularly in the mainstream english press. --- tqbf 20:32, 17 January 2008 (UTC)
- Why did you remove link to the CVE on WU-FTPD exploit? It just said he was an author of "one of the first exploits for...". Adom11 (talk) 21:05, 17 January 2008 (UTC)
- Because the link you provided credits somebody else with the discovery of the vulnerability. --- tqbf 21:30, 17 January 2008 (UTC)
- AS Vulnerability and an exploit are two different things. Adom11 (talk) 21:42, 17 January 2008 (UTC)
- I dispute that the cite to "economy-point.org" is reliable: there is no evidence of editorial oversight, and the content is badly machine-translated. --- tqbf 19:47, 17 January 2008 (UTC)
- Agreed Adom11 (talk) 20:05, 17 January 2008 (UTC)