Full Disclosure mailing list archives
Re: What do you think of Trollc?
From: Scott Arciszewski <scott () arciszewski me>
Date: Thu, 29 May 2014 17:00:30 -0400
"Ethical" is always a matter of perspective. "Legal" and "effective" are the relevant points of contention. On Wed, May 28, 2014 at 10:29 PM, Brian M. Waters <brian () brianmwaters net> wrote:
So far the thread of discussion here has focused on whether or not Weev's plan would /actually work/. But lets take a step back. If I understand it, the plan is to facilitate "ethical vulnerability disclosure" by 1) Finding security vulnerabilities in live sites 2) Disclosing them to the public before notifying the site operators 3) Thereby causing the stock price to drop and 4) Making money by short-selling on knowledge only the developer has I could distill that to layman's terms: "Hurting someone else and making money at their expense." So, how is that ethical, again? Did I miss something? BW On Tue, 27 May 2014 20:49:45 +0200 Philip Cheong <isctsf () gmail com> wrote:From https://www.startjoin.com/trollc *Right now if you're a software exploit developer and you want to monetize your craft to pay your rent, there's only one consistent way to do so: sell your software exploits. The major customer for these are oppressive governments, chiefly that of the United States. We know what the United States does with software exploits: it uses them to illegally spy on its own citizens, and attack peaceful nations around the world.* *I need your help to create a company that will ethically disclose software vulnerabilities to the public. For this I need help getting the filing fees necessary to incorporate a hedge fund. I want to continue bringing issues in companies that put you at risk to light, and short the stocks of those companies when I do so. I will only get paid when large corporations being negligent get punished. This will create a structure by which security researchers including myself will still make a living, only now by disclosing problems instead of selling them in secret to criminal governments.* What say you? Is this brilliant? Or stupid? Awesome? But never going to work? _______________________________________________ Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/-- Brian M. Waters Burlington, Vermont, USA +1 (908) 380-8214 brian () brianmwaters net https://brianmwaters.net/ _______________________________________________ Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
_______________________________________________ Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Current thread:
- Re: What do you think of Trollc?, (continued)
- Re: What do you think of Trollc? Michal Zalewski (May 27)
- Re: What do you think of Trollc? Roberto Martelloni (May 28)
- Re: What do you think of Trollc? Michal Zalewski (May 28)
- Re: What do you think of Trollc? Jeffrey Walton (May 28)
- Re: What do you think of Trollc? Michal Zalewski (May 28)
- Re: What do you think of Trollc? John Menerick (May 28)
- Re: What do you think of Trollc? Roberto Martelloni (May 28)
- Re: What do you think of Trollc? Michal Zalewski (May 27)
- Re: What do you think of Trollc? Bogdan-Stefan Rotariu (May 28)
- Re: What do you think of Trollc? Brian M. Waters (May 29)
- Re: What do you think of Trollc? Michal Zalewski (May 29)
- Re: What do you think of Trollc? Jeffrey Paul (May 29)
- Re: What do you think of Trollc? Scott Arciszewski (May 29)