Date: Thu, 3 Nov 2011 17:28:35 -0500
From: adam <adam@...sy.net>
To: secn3t@...il.com
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Secunia jumps on vuln reward bandwagon

"The rewards on offer will range from top-of-the range merchandise to
two major annual rewards such as free hotel accommodation and entry to
an IT security conference chosen from a list of the most popular
global security conferences"

I'm especially curious to see exactly what the merchandise is. Can you
imagine if it was coffee mugs or T-shirts with Secunia's logo? "To show you
our appreciation, we're going to *let you* advertise for us!"

I think the terms of the "hotel accommodation" will also prove to be
interesting.

On Thu, Nov 3, 2011 at 1:18 PM, xD 0x41 <secn3t@...il.com> wrote:

> Their 'rewards' do not seem to justify the vulnerability/exploit research
> time.
>
> This is what I've been saying for uh, 3 months now... but, do they ever?
> And also, is it better to have even one more payer, than have nothing
> at all... or sell to blackhat sites only?
> I guess this is at least an alternative and, maybe even a good learning
> tool for some...
> learn to never trust a person when they say "you will get great money".
> ;)
>
>
> On 4 November 2011 05:14, Ryan Dewhurst <ryandewhurst@...il.com> wrote:
> > Their 'rewards' do not seem to justify the vulnerability/exploit research time.
> >
> > "The rewards on offer will range from top-of-the range merchandise to
> > two major annual rewards such as free hotel accommodation and entry to
> > an IT security conference chosen from a list of the most popular
> > global security conferences.  The latter rewards will be given for the
> > first time in January 2012.  One reward will be given to the
> > researcher who coordinates the most interesting vulnerability as
> > judged by Secunia in the form of a prize under the Most Interesting
> > Coordination Report category.  Criteria will include complexity,
> > impact, level and level of detail.  The other will be given to the
> > researcher who has been consistently coordinating correct, clearly
> > detailed vulnerability reports that are quick and easy to confirm as
> > judged by Secunia.  The researcher will be given the title, ‘Most
> > Valued Contributor’ by Secunia.  Other rewards will be continuously
> > given to researchers coordinating their discoveries through Secunia
> > based on their individual performance."
> >
> > http://secunia.com/company/blog_news/news/271
> >
> > Ryan Dewhurst
> >
> > blog www.ethicalhack3r.co.uk
> > twitter www.twitter.com/ethicalhack3r
> > projects www.dvwa.co.uk | www.webwordcount.com | code.google.com/p/wpscan
> >
> > On Thu, Nov 3, 2011 at 5:57 PM, Georgi Guninski <guninski@...inski.com> wrote:
> >> On Thu, Nov 03, 2011 at 05:46:15PM +0100, Michele Orru wrote:
> >>> -----BEGIN PGP SIGNED MESSAGE-----
> >>> Hash: SHA1
> >>>
> >>> It seems that even XSS, XSRF and SQLi are accepted...
> >>> Interesting.
> >>>
> >>> Cheers
> >>> antisnatchor
> >>>
> >>> Georgi Guninski wrote:
> >>> > http://www.theregister.co.uk/2011/11/02/secunia_vulnerability_rewards/
> >>> > Secunia jumps on vuln reward bandwagon
> >>> >
> >>> > have in mind the list is "Hosted and sponsored by Secunia"
> >>> >
> >>
> >> What about alternatives?
> >>
> >> How much the hosting will cost?
> >>
> >> I remember how aleph1 sold bugtraq (including the paid posters)
> >> and i don't feel like contributing to bugtraq ver. 2.
> >>
> >> --
> >> j
> >>
> >> _______________________________________________
> >> Full-Disclosure - We believe in it.
> >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> >> Hosted and sponsored by Secunia - http://secunia.com/
> >>
