lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20020816092018.T1523-100000@vapid.ath.cx>
From: lwc at vapid.ath.cx (Larry W. Cashdollar)
Subject: Exploits Contributor Program

>
> Greetingz again,
>
> 1. We _are_ serious.  Very serious.  While our offer was written to
> poke fun at iDefense's offer, we are definitely not joking.  And if
> US$1000+ seems too high to believe, that's because
>
>     (a) you and your research have been taken for granted from all
>     around so far,
>
>     (b) you're too easily satisfied by iDefense's offer, or
>
>     (c) you just like PayPal.
>
> 2. Obviously, iMoolah is not the real name of our company.  And yes,
> it is hosted on a free web site, using a free e-mail address, and all
> the usual anonymity shebang.  But that's for a couple of reasons:
>
>     (a) we don't want to reveal the true identity of our company,
>     and registering a domain name, getting it securely hosted on
>     astalavista.com, etc, wouldn't help, and
>
>     (b) this program was set up in response to iDefense's offer,
>     which we felt we had to counter quickly in order to retain
>     our competitive edge. If we had had more time (and we still
>     might), I could have cajoled my next door neighbor into
>     registering the name for me, called in that favor from my friend
>     in Russia who's got a web server, etc., etc.
>
> 3. To those who've responded to us so far -- we'll be getting in
> touch with you. =)  For those who haven't, you could always wait for
> the others to write in later telling you how their bank accounts have
> suddenly grown a bit -- if they decide to let you on, of course.
>
> 4. For those of you who aren't able to or don't want to download our
> PGP public key from our website, it's now available on the normal
> keyservers.  What a bother.
>

How do I claim my $1000.00 gain to the IRS from an anonymous company?  If
you don't trust me to know who you are, how can I trust you to pay me?
You have to remember all of the people on this list are pretty paraniod.

=)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ