Full Disclosure mailing list archives
Re: IE7 Information Disclosure - For sale
From: "Eliah Kagan" <degeneracypressure () gmail com>
Date: Fri, 5 May 2006 21:42:00 -0400
Based on all of the "feedback" on this cess-pool called a mailing list.
Did you expect that subscribers to the FULL DISCLOSURE mailing list would support your plan to make money off of withholding disclosure?
I am now offering my vulnerabilities for sale only to those that
Wait...what about all the people you said had already bid? Are you just going to screw them over?
a.) will not report it to the vendor and b.) will only use it for their own profit via spyware installations and spambots. I will discount the price to anyone using it in the above manner
Ah, you aren't actually going to offer your vulns only to such people (as you said you would) -- rather, you will offer a discount only to such people. How do you intend to enforce the terms of your discount deal? Are you going to require the buyer to sign a nondisclosure agreement to get the discount? I'm not any more sure that you're really offering this discount than I am that you've discovered a vulnerability, but it would be interesting to follow the court proceedings should you be indicted along with the spyware author or spammer. Although you don't really have to sell it--you're already soliciting people to engage in criminal behavior.
to target so called security professionals subscribed to this list.
So, let me get this straight...you want to prove that these "so-called security professionals" are lamers by making it known that: (1) You have developed a vulnerability and intend to sell it to a spyware author or spammer. (2) The "so called security professionals" oppose you. -Eliah _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- IE7 Information Disclosure - For sale 0x80 (May 04)
- Re: IE7 Information Disclosure - For sale Travis Good (May 05)
- <Possible follow-ups>
- Re: IE7 Information Disclosure - For sale 0x80 (May 05)
- Re: IE7 Information Disclosure - For sale Eliah Kagan (May 05)
- WRONG MARKET BUDDY Re: IE7 Information Disclosure - For sale donnydark (May 05)
- Re: WRONG MARKET BUDDY Re: IE7 Information Disclosure - For sale ad () heapoverflow com (May 06)
- Re: IE7 Information Disclosure - For sale Eliah Kagan (May 05)
- Re: IE7 Information Disclosure - For sale 0x80 (May 06)
- Re: IE7 Information Disclosure - For sale Eliah Kagan (May 06)