Full Disclosure mailing list archives
Re: Office 0day
From: "secure poon" <suckure () gmail com>
Date: Mon, 25 Jun 2007 13:18:42 -0700
*Proposition* Microsoft is a 280+ billion dollar corporation. Why don't/can't they have a standard ransom fee for security flaws? 0day Remote OS flaw: $1,000,000 0day IE explorer flaws that give administrative shells: $200,000 0day (other flaws) that affect other products (ie office): $200,000 etc..(these fees could be much higher) Provided the person who discovered the vulnerability gives a full working patch, Then Microsoft could patch the hole right away and people could update. (yes i know lots of people don't update but at least it is a start, and then legally they would be so liable). Maybe this concept isint new and I am just in the dark about it. *Question* ** Why does'nt Microsoft (or any company) do this? And also has Microsoft ever been held criminaly liable for negligence in a criminal case for not patching a flaw leading to a security breach? Or is there team of lawyers just to much for any normal person? On 6/25/07, Kradorex Xeron <admin () digibase ca> wrote:
On Sunday 24 June 2007 16:19, toto.toto () webmail co za wrote: > I can't give detail here Isn't this list called "full-disclosure"? - in otherwords: If you aren't going to disclose anything: DON'T post that you "have something". This list is designed specifically for disclosing (and discussing on the occasion) vulnerabilities, problems, etc to the entire community at once, not just selectively who you choose (i.e. who buys your "0day"). _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Office 0day toto . toto (Jun 25)
- Re: Office 0day Valdis . Kletnieks (Jun 25)
- Re: Office 0day Kradorex Xeron (Jun 25)
- Re: Office 0day secure poon (Jun 25)
- Re: Office 0day Jared DeMott (Jun 25)
- Re: Office 0day Valdis . Kletnieks (Jun 25)
- Re: Office 0day phpninja (Jun 25)
- Re: Office 0day Troy (Jun 25)
- Re: Office 0day phpninja (Jun 25)
- Re: Office 0day kefka (Jun 25)
- Re: Office 0day secure poon (Jun 25)
- Re: Office 0day Valdis . Kletnieks (Jun 25)