Those who follow security will find the following amusing:

An anonymous person has again posted vulnerability information gleaned from the Computer Emergency Response Center (CERT) approximately 10 days in advance of CERT's intended release of information to the public.

The vulnerability involves Adobe PDF files; the files might be able to execute arbitrary commands on a system viewing a PDF file that contains malicious hyperlinks.

In past months, the anonymous poster who goes by the alias "Hack4life," has somehow managed to obtain private information from CERT without the company's knowledge and subsequently disclosed that information to the public before vendors were ready to do so. CERT works with vendors who experience security problems to coordinate patch and information release. The anonymous person's antics undermine that process.

More here: http://www.wininformant.com/Articles/Index.cfm?ArticleID=39320 -------- CERT walks the middle ground and does a good job of it, but it is a little humorous to see an entity dedicated to security struggle to protect its own information. The anonymous being behind the leaks even tells the world when new information will be released, and yet his or her identity remains a mystery. The lesson here is that security is only as good as your ability to discern the lack of it. If you ever reach a point where you think you're secure, you are at your most vulnerable then.

Ciao,

ah