lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
From: phantasm at (Robert Davies)
Subject: M$ puts bounty out for Blaster and Sobig culprits


> -----Original Message-----
> From: Vic Vandal [] 
> Sent: Wednesday, November 05, 2003 10:03 AM
> To:
> Subject: [Full-Disclosure] M$ puts bounty out for Blaster and 
> Sobig culprits
> M$ is offering $250K for info leading to the arrest of those 
> who released Blaster and/or Sobig.  See the details here:
> One outcome of this will be severely limiting bragging about 
> pulling off such sploits.

Forget about limiting the bragging rights, but it will also limit the
research and release of information to get these flaws fixed... Granted its
not like its already limited by the DMCA or anything... bleh

> And one would think those actually guilty should be real busy 
> right now erasing any/all evidence (that they didn't take 
> care of long ago).

I am sure if I was in any of the shoes of the guily I would be on a computer
melting frenzy about now.

> Maybe M$ should put out a bounty for reporting bugs in their 
> crappy software without going public instead.  That might be 
> more effective.

Effective, yes, but I would not believe MS willing to pay people to hear
about how crappy they coded x, y and z service.

I really think MS needs to put a bounty on the fool that wrote the shitty
code leaving the effected parts of the OS so wide open in the first place.

> Peace,
> Vic


> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter:

Powered by blists - more mailing lists