lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <1298.212.45.68.12.1027121643.squirrel@www.core.gen.tr>
From: evrim at core.gen.tr (evrim@...e.gen.tr)
Subject: show must go on w/ or w/o secfocus.

hi,

Finally i've found the right place to discuss the secfocus.

I'm 22 years old and i've some questions in my mind . Maybe people here
may know the answers:
1. Why we did not argued when geek-girl transformed into secfocus? Nothing
has changed. One firm bought another. Secfocus was also making money from
work of all of us. (This is maybe cos' aleph1)
2. Everybody here knows that we need a database on this planet  to learn
more for fun or for profit because noone can know every hole in every os.
So, who can guarantee that another list is not going to be acquired again
in the future?
3. $75 million is very cheap. Do all the vuln-information costs 75$? I
really don't think so.
4. A license is a must but how can we build a license for our vuln-info
including exploits/methods? I don't think this is possible cos' every os
has an owner and all material we'r working with belongs to them.
5. Do we really need a center like old geek-girl/ new secfocus in order to
be informed about the community and development?  Of course yes. So, only
a commercial firm can build/maintain a system that can serve all of us
7/24. But we are talking about nonprofit vulnbase. How this can be built?
*that i really don't know*.
IMHO's:
a)I think there will be a new vulnbase center and this will be very near
to some security geek in somewhere on this world. But community will
decide who will be the guy.b)I am a volunteer if there is an existing vulnbase/portal project. (i've
made one portal before maybe helpful core.gen.tr)Just send me info.c)In addition to these i'm sure that nobody here wants to spend time on
where we'r going to post our researches. It's useless. Instead we just
want to spend time on our researches.
Thnx.

evrim.
evrim at core.gen.tr





Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ