lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Fri, 21 Dec 2007 11:07:38 -0600
From: "Nate McFeters" <nate.mcfeters@...il.com>
To: SecReview <secreview@...hmail.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: [Professional IT Security Reviewers -
	Exposed] SecReview ( A + )

Unless I missed something, these seemed like legitimate responses.  They may
not have all been delivered with tact, but I mean, you are on FD, what did
you expect?

I think some valid points are brought up about your credentials and your
process.

Nate


On 12/21/07, SecReview <secreview@...hmail.com> wrote:
>
> PaulM:
>
> You'd be right only if you weren't wrong. That being said, we're
> not going to talk to the trolls any more. While it might be amusing
> it's a waste of our time, and our readers time.
>
> We will continue to write reviews and will continue to be as honest
> and truthful as possible during our reviews. Likewise, if any of
> our legitimate readers have any questions or comments about our
> blog, we'd very much appreciate them. We especially want people to
> comment if they have worked with a vendor that we have assessed, we
> want to know your experience. Other than that, thanks for your time
> and thanks for reading!
>
>
>
> On Fri, 21 Dec 2007 07:00:40 -0500 Paul Melson <pmelson@...il.com>
> wrote:
> >On Dec 20, 2007 7:19 PM, SecReview <secreview@...hmail.com> wrote:
> >> > 1.) What are your qualifications for reviewing these
> >companies?
> >>
> >> We are a team of security professionals that have been
> >performing a
> >> wide array of penetration tests, vulnerability assessments, web
> >> application security services etc. One of our team members has
> >> founded two different security companies both of which have been
> >> very successful and have offered high quality services. Yes we
> >have
> >> all sorts of pretty little certifications, but those don't
> >really
> >> matter.
> >
> >So this is basically a tacit admission that every one of your
> >"team"
> >has something to gain by smearing the competition.  At this point,
> >I'm
> >inclined to believe that the firms you've scored favorably are
> >your
> >employers.  You're not only incompetent, it seems that you're
> >unethical as well.  Not that I'm surprised.
> >
> >PaulM
> Regards,
>      The Secreview Team
>      http://secreview.blogspot.com
>
> --
> Click for free information on accounting careers, $150 hour potential.
>
> http://tagline.hushmail.com/fc/Ioyw6h4dCaRmEr952Q9rDz2W8lHgc6veIDv3aadT6aNuLUwzQUCOfu/
>      Professional IT Security Service Providers - Exposed
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ