Full Disclosure mailing list archives
Re: Another 0day to sell.
From: "Joey Mengele" <joey.mengele () hushmail com>
Date: Thu, 13 Sep 2007 14:02:20 -0400
If you can't see that knowledge of an impending sale in a 0day vulnerability in a specific and publicly disclosed product can help you to mitigate risk against said product in a customers environment, then I am afraid I must speculate you are not as educated as a CISSP, and are therefore not even qualified to develop a password policy, let alone be doing security stuff! Any good CISSP will tell you there is more to security than patching! Even some of the bad ones know LOLOL! Unfortunately, most hacker/cracker webgangs are in on it too! J CISSP On Thu, 13 Sep 2007 13:54:14 -0400 Alex Robar <alex.robar () gmail com> wrote:
Thank you for actually looking it up. Now that we've got that squared away... I agree that it's valuable to see what those 0day threats are, but that's the key: You don't tell the list. You don't say what they are, and _that_ is the point of full-disclosure. If you were to post what type of vulnerabilities you had, what software they affected... Then I wouldn't have any type of problem with you offering to sell them. You discovered them, and you're within your rights to do whatever you want with them. But you posting that you've got a random 0day to sell doesn't help raise the level of protection my customers get. AR On 9/13/07, Joey Mengele <joey.mengele () hushmail com> wrote:Thanks for the biography. If you are indeed being sincere, I am interested in knowing why you wouldn't find it a valuableserviceto have people publicly attempting to broker deals on the list. What I mean is, wouldn't it raise the GEARYTECH, INC. THREATCONanotch or two if someone was attempting to sell a 0day in a pieceofsoftware that GEARYTECH, INC. has facing The Internets? But honestly Mr. Rebar, isn't it easy to just ignore the one message that seems to bother only you and that other crybaby,theGuasconi guy? J "0day happens" On Thu, 13 Sep 2007 13:38:19 -0400 Alex Robar <alex.robar () gmail com> wrote:I don't discover vulnerabilities; It's not my job or an area of interest to me. I'm on this list to catch any vulnerabilities in softwarethatmy company deploys to client networks, and deal with protectingthemfrom said vulnerabilities. Different people offer to sell exploits quite often on this list, and they're all told the same thing: Go somewhere else.Readthe charter for what you're supposed to post here. AR On 9/13/07, Joey Mengele <joey.mengele () hushmail com> wrote:LOLOLOLOLOLOL keep replying!!! Do you know any cool security stuff? J On Thu, 13 Sep 2007 13:16:28 -0400 Alex Robar <alex.robar () gmail com> wrote:Right, right... "Someone else can prove that you aren't whoyousay you are." Good argument. Do a little research before postingsomethinglike that. AR On 9/13/07, Joey Mengele <joey.mengele () hushmail com> wrote:I think Dr. Neal Krawetz could easily prove Alex Robar isactuallythe same person as this Guasconi fag. Neither haveprovidedanything of value to the list. Unless you count selfimportantopinions and the tendency to speak for the entire body ofthelist.Geesh dude, even I post some security stuff! So anyway Alex/Guasconi/n3td3v, keep trolling now thatyoursecretis exposed. Or, prove that you are not all the same personifitisnot so. J On Thu, 13 Sep 2007 12:18:28 -0400 Alex Robar <alex.robar () gmail com> wrote:"Full disclosure", much like how it sounds, is for fully disclosing vulnerabilities that you've found. Guasconi is right -Thislistisn't for selling exploits you've discovered. AR On 9/13/07, Joey Mengele <joey.mengele () hushmail com>wrote:I think offers to sell 0day are more relevant to thislistthanthestupid trash and one line comments you have providedconsistentlyduring your time here. Maybe you should stop or find anewlist?Orjust kill yourself, perhaps... J On Thu, 13 Sep 2007 02:47:45 -0400 Guasconi Vincent <tyoptyop () gmail com> wrote:On 9/12/07, Juergen Marester<marester.juergen () gmail com>wrote:Thanks for people who bought me codes since my lastpost.I also have other 0day to sell. Contact by e-mail.Stop. -- Guasconi Vincent Student. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.htmlHosted and sponsored by Secunia - http://secunia.com/-- Click for free info on rehab treatments for drug &alcoholdependency.http://tagline.hushmail.com/fc/Ioyw6h4eH4ipKWT7bgKiT735WpgEy1lOuPmuHt3RDlVRKDdbkjCRPS/_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.htmlHosted and sponsored by Secunia - http://secunia.com/-- Alex Robar alex.robar () gmail com-- Click here for free information on starting a businessfromyourhome.http://tagline.hushmail.com/fc/Ioyw6h4dA5RsHere4CNg8GgV7mRB35uzN7tEtJaqcvuCZNvnFtu6Y1/-- Alex Robar alex.robar () gmail com-- Click now and find the perfect favors for any occasion!http://tagline.hushmail.com/fc/Ioyw6h4fF8B62vyiPEzWrCWumSdE7DSdP36O1EwLbUYNMPOkcOGR3n/-- Alex Robar alex.robar () gmail com-- Don't throw your computer away! Click now for expert computerrepair!http://tagline.hushmail.com/fc/Ioyw6h4dHnrqFQpGXOxdKtNlK0fa9ANaeTcJ uJChMOTUcYhrVBSgeJ/-- Alex Robar alex.robar () gmail com
-- Prices, software, charts & analysis. Click here to open your online FX trading account. http://tagline.hushmail.com/fc/Ioyw6h4eApyjADBbpGV3nLDaKFtFTBnYAX11AzGYtz94EsEbN8jAMo/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Another 0day to sell., (continued)
- Re: Another 0day to sell. Joey Mengele (Sep 13)
- Re: Another 0day to sell. Guasconi Vincent (Sep 13)
- Re: Another 0day to sell. Alex Robar (Sep 13)
- Re: Another 0day to sell. Joey Mengele (Sep 13)
- Re: Another 0day to sell. Alex Robar (Sep 13)
- Re: Another 0day to sell. Richard Golodner (Sep 13)
- Re: Another 0day to sell. gjgowey (Sep 14)
- Re: Another 0day to sell. Jimby Sharp (Sep 13)
- Re: Another 0day to sell. Alex Robar (Sep 13)
- Re: Another 0day to sell. Joey Mengele (Sep 13)
- Re: Another 0day to sell. Joey Mengele (Sep 13)
- Re: Another 0day to sell. Alex Robar (Sep 13)
- Re: Another 0day to sell. Joey Mengele (Sep 13)
- Re: Another 0day to sell. Alex Robar (Sep 13)
- Re: Another 0day to sell. Jimby Sharp (Sep 13)
- Re: Another 0day to sell. Alex Robar (Sep 13)
- Re: Another 0day to sell. Joey Mengele (Sep 13)
- Re: Another 0day to sell. Alex Robar (Sep 13)