Full Disclosure mailing list archives

Re: IE 0day for sale

From: Jeff Williams <jeffwillis30 () gmail com>
Date: Sat, 12 Dec 2009 14:12:04 +1100

And the question is now:
should the Mossad, NSA, etc be considered as bad guys ?




2009/12/12 Jeff Williams <jeffwillis30 () gmail com>

If idefense pay 7000$ for a RCE on IE, it's possibly because they sell
theses bugs to the NSA, MOSSAD, MI10 ?

From my understanding, MS do not pay for any reported vulnerability, or
maybe i missed the "make a donation" icon on idefense website ?



2009/12/12 Shyaam <shyaam () gmail com>

:) Good one Valdis. That is what I was exactly trying to do.


#1. If his intent was good, he would have sent it to the vendor and to the
US Cert.
#2. His aim is to get money:
      a. Instead of selling it directly to black market and not getting
any returns, or having some legal agency stepping onto his doors he could as
well sell it to these companies.
      b. These companies DO NOT sell stuff to BLACK MARKET. Straighten
your facts before you accuse any of the below:
zdi,idefense,securiteam,immunity,etc. They have better things to do than to
sell it off to the bad guys.

Besides, many people have that kind of a notion only because there are
many hollywood movie fanatics out there, who suspect every single entity
around you.

Thanks for your creative response though :). You really cracked me up :)

Shyaam


On Sat, Dec 12, 2009 at 2:31 AM, <Valdis.Kletnieks () vt edu> wrote:

On Fri, 11 Dec 2009 20:13:52 EST, Jeff Williams said:

zdi,idefense,securiteam,immunity,etc is a front, your exploit will

anyways

end up on the blackmarket by selling it to theses company.
How can you be that naive ?


You're talking to somebody willing to sell to the highest bidder on F-D.
Draw your own conclusions about whether they actually care if it ends up
on
the black market.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Re: IE 0day for sale, (continued)
- - - Re: IE 0day for sale Thor (Hammer of God) (Dec 11)
    - Re: IE 0day for sale Nelson Brito (Dec 11)
- Re: IE 0day for sale yaroslav (Dec 11)
- Re: IE 0day for sale Benji (Dec 11)
- Re: IE 0day for sale mrx (Dec 11)
- Re: IE 0day for sale Shyaam (Dec 11)
  - Re: IE 0day for sale Jeff Williams (Dec 11)
    - Re: IE 0day for sale Valdis . Kletnieks (Dec 11)
    - Re: IE 0day for sale Shyaam (Dec 11)
    - Re: IE 0day for sale Jeff Williams (Dec 11)
    - Re: IE 0day for sale Jeff Williams (Dec 11)
    - Re: IE 0day for sale jack . a . mannino (Dec 11)
    - Re: IE 0day for sale Gregor Schneider (Dec 12)