Re: Google open redirect

[Gage Bystrom <themadichib0d () gmail com>]

Good point.

Makes me wonder though how many people realize that ZDi and such are third
parties.....
On Dec 8, 2011 9:47 AM, <Valdis.Kletnieks () vt edu> wrote:

> On Thu, 08 Dec 2011 14:24:21 -0300, Pablo Ximenes said:
> > 2011/12/8 Michal Zalewski <lcamtuf () coredump cx>
> > > If you don't like it, let us know how to improve it. You also always
> > > have the option of not researching vulnerabilities in these platforms;
> > > going with the full-disclosure approach; or selling the flaws to a
> > > willing third party.
>
> > Well, selling flaws to third parties might be considered a crime in some
> > places, so I would be cautious with that approach.
>
> I suspect a large portion of the people who are selling flaws to third
> parties
> are not at all concerned about whether selling the flaw is a crime, as
> often the
> bigger question is how many crimes were committed in the discovery
> process...
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/