Full Disclosure mailing list archives

Re: What do you think of Trollc?

From: Brandon Perry <bperry.volatile () gmail com>
Date: Tue, 27 May 2014 14:37:54 -0500

Not only that, but let's extrapolate from some recentish events.

Healthcare.gov was touted as being full of security issues. However,
everyone knows that in order to prove this, you needed to break the law to
begin with. Politicians knew this, which was why the hearings were so
entertaining.

If weev did this, he could yell all day about supposed vulnerabilities, but
as soon as he provided proof that something was exploitable, the company
would turn around and sue him under CFAA.


On Tue, May 27, 2014 at 2:32 PM, Jeffrey Walton <noloader () gmail com> wrote:

On Tue, May 27, 2014 at 3:04 PM, Brandon Perry
<bperry.volatile () gmail com> wrote:

Not even sure when the last vulnerability that caused any fluctuation in
the stock markets was.

+!. I'm not sure it ever hurt Sony, and they've had over 40 documented
problems [0, 1, 2, et al]. Some of them were very serious from a data
security perspective.

Jeff

[0] http://attrition.org/security/rant/sony_aka_sownage.html
[1]
http://www.reuters.com/article/2011/04/26/us-sony-stoldendata-idUSTRE73P6WB20110426
[2] http://beta.slashdot.org/story/176757

On Tue, May 27, 2014 at 1:49 PM, Philip Cheong <isctsf () gmail com> wrote:

From https://www.startjoin.com/trollc

*Right now if you're a software exploit developer and you want to

monetize

your craft to pay your rent, there's only one consistent way to do so:

sell

your software exploits. The major customer for these are oppressive
governments, chiefly that of the United States. We know what the United
States does with software exploits: it uses them to illegally spy on its
own citizens, and attack peaceful nations around the world.*

*I need your help to create a company that will ethically disclose

software

vulnerabilities to the public. For this I need help getting the filing

fees

necessary to incorporate a hedge fund. I want to continue bringing

issues

in companies that put you at risk to light, and short the stocks of

those

companies when I do so. I will only get paid when large corporations

being

negligent get punished. This will create a structure by which security
researchers including myself will still make a living, only now by
disclosing problems instead of selling them in secret to criminal
governments.*




-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website

_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Current thread:

What do you think of Trollc? Philip Cheong (May 27)
- Re: What do you think of Trollc? Julius Kivimäki (May 27)
- Re: What do you think of Trollc? Scott Arciszewski (May 27)
- Re: What do you think of Trollc? Brandon Perry (May 27)
  - Re: What do you think of Trollc? Jeffrey Walton (May 28)
    - Re: What do you think of Trollc? Brandon Perry (May 28)
    - Re: What do you think of Trollc? Jeffrey Walton (May 29)
- Re: What do you think of Trollc? Michal Zalewski (May 27)
  - Re: What do you think of Trollc? Roberto Martelloni (May 28)
    - Re: What do you think of Trollc? Michal Zalewski (May 28)
    - Re: What do you think of Trollc? Jeffrey Walton (May 28)
    - Re: What do you think of Trollc? Michal Zalewski (May 28)
    - Re: What do you think of Trollc? John Menerick (May 28)
- Re: What do you think of Trollc? Bogdan-Stefan Rotariu (May 28)
- Re: What do you think of Trollc? Brian M. Waters (May 29)
  - Re: What do you think of Trollc? Michal Zalewski (May 29)

(Thread continues...)