> It likely isn't always one of the kernel devs, but I fail to see how you
> can make claims regarding relative probabilities without data
because in my carrier i have seen part of what we now call the security industry and i know
for a fact that the kernel devs can't match their resources.
> (and I can't figure out how to get useful data without being a major
> black hat whom a lot of other black hats talk to).
see, one way i can tell a security professional from the armchair one is that the latter's
world consist of simple black and white whereas the former knows it's way more complex. so
however disappointing it will sound to you, no, you don't need to be a 'major black hat'
(whatever that means anyway) to know the capabilities acquired by the security industry.
> (You really do talk a lot about straw men for someone who produces so
i see you feel very stronly when yours are being exposed one by one (notice how you never even
contested any of them or chose to chicken out, and btw, i thought you were done with this
thread ;), so you're welcome to expose every single one of mine ;).