lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Wed, 16 Jan 2013 10:18:36 +0400
From: gremlin@...mlin.ru
To: full-disclosure@...ts.grok.org.uk
Subject: Re: how to sell and get a fair price

On 15-Jan-2013 16:45:30 -0500, Valdis.Kletnieks@...edu wrote:

 > > Also, what stops a person to file it under a company name if
 > > that's easier? I admit I'm not into this area, so I might be
 > > missing something fundamental...

 > If you publish an exploit as "BitWizard97", and somebody scarfs
 > it up and starts selling it,

Starts selling what? Already published exploit? Bwahahaha...

 > filing the suit to enjoin them from selling it without your
 > permission under a company name doesn't make it any easier
 > to prove that you, or the company, have any legal standing
 > to represent BitWizard97.

Digital signatures may help. Actually, you don't need to prove
that you are the BitWizard97 - you only need to prove that you
can act on his behalf (that means: read encrypted messages and
sign the replies with his key).

 > It's especially problematic if the local law enforcement
 > authorities want to have a little chat with BitWizard97
 > regarding some other activities...

They should want to ask those questions to another person -
say, BitBreaker12, who may be suspected in something illegal.


-- 
Alexey V. Vissarionov aka Gremlin from Kremlin <gremlin ПРИ gremlin ТЧК ru>
GPG key ID: 0xEF3B1FA8, keyserver: hkp://subkeys.pgp.net
GPG key fingerprint: 8832 FE9F A791 F796 8AC9 6E4E 909D AC45 EF3B 1FA8

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ