| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 21 Sep 2007 10:37:20 -0700 From: "Kristian Erik Hermansen" <kristian.hermansen@...il.com> To: full-disclosure@...ts.grok.org.uk, dailydave@...ts.immunitysec.com Subject: Hacking software is lame -- try medical research... Some interesting discussion came up on some security lists this week and it got me to thinking. Yes, hacking software is lame. Cool, so you found some vulnerabilities in some widely distributed application, service, or OS and it is patched just as quickly. Why don't we spend our time and valuable energy researching cures for rare or popular diseases instead? For instance, my brother (Jon Hermansen) has a very rare disease called Langerhans Cell Histiocytosis. It is also better known as LCH. It can be identified as causing such further diseases as Diabetes Insipidus, which is also uncommon (not sugar diabetes). Have you heard of these diseases before? Let me educate you… General Information: http://en.wikipedia.org/wiki/Langerhans_cell_histiocytosis http://en.wikipedia.org/wiki/Diabetes_insipidus Seven Part Video Series: http://youtube.com/watch?v=KkBRqZS8nfM http://youtube.com/watch?v=w1h6ZjxF-To http://youtube.com/watch?v=0ojbJpERlt8 http://youtube.com/watch?v=dzUqdYofMCQ http://youtube.com/watch?v=lNhzwNYhi0M http://youtube.com/watch?v=nY9DDEhShcE http://youtube.com/watch?v=5_8SEYyEZGI And even worse than this, a friend of mine who is a PhD student in Math at Berkeley has an even rarer disease known as Gaucher's Disease. This costs $550,000 / year to treat. That's a hefty bill every year (you make that much doing security vulns?), and some insurance companies might refuse to accept you due to "pre-existing" conditions. So guess what, my friend does not have health insurance and has not been treated for two years. A genius might die. That's ludicrous. http://en.wikipedia.org/wiki/Gaucher's_disease http://youtube.com/watch?v=0nX6QM5iVaU If we consider ourselves decent "hackers", why don't we put our efforts toward helping cure this and other diseases rather than some very simple programming vulnerability? Is it because then we would have to reinvent a whole new slew of tools and re-orient/re-educate ourselves to be successful? Think about it… -- Kristian Erik Hermansen _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists