lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20060309192420.2763.qmail@web53809.mail.yahoo.com>
Date: Thu Mar  9 19:24:28 2006
From: rjf at russfoster.com (Russell J Foster)
Subject: For Sale: Security Vulnerability Database
	Company 

True. But either way, the credibility of the offer is extrememly low.
Some bozo has been "solicited" to sell a company...who is he? Is he an
attorney? A corporate raider? Someone who's gathered the freely
available info and wants to make a quick sleezy buck?

If this were a serious offer, I'd at least expect a phone number and
website (of the company brokering the sale). Not a "reply to my
googlemail account"...

-r

--- Valdis.Kletnieks@...edu wrote:

> On Wed, 08 Mar 2006 05:46:03 PST, System Outage said:
> 
> >   Why would someone buy a security vulnerability database company?
> Theres
> > already free security vulnerability databases out there. Try this
> one I
> > recently found, you can search for anything you want
> http://groups.google.com/
> > group/n3td3v and its free.
> 
> Geez. Somebody hand me a sharp wooden stake, a good mallet, and some
> garlic
> and holy water just in case... ;)
> 
> I'm sure you can *search* for anything you want there.  The value of
> a database
> is, however, directly related to its ability to return useful
> information.
> 
> 5,000 postings that all say "wow leet hole in ntp a few years ago" is
> worth
> nowhere near as much as one detailed technical posting of how that
> exploit
> leveraged a one-byte buffer overrun into a complete rooting of the
> box....
> > _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ