lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <fe37588d0709211037j11794510j3e4e3c77cd8658ad@mail.gmail.com>
Date: Fri, 21 Sep 2007 10:37:20 -0700
From: "Kristian Erik Hermansen" <kristian.hermansen@...il.com>
To: full-disclosure@...ts.grok.org.uk, dailydave@...ts.immunitysec.com
Subject: Hacking software is lame -- try medical
	research...

Some interesting discussion came up on some security lists this week
and it got me to thinking.  Yes, hacking software is lame.  Cool, so
you found some vulnerabilities in some widely distributed application,
service, or OS and it is patched just as quickly.  Why don't we spend
our time and valuable energy researching cures for rare or popular
diseases instead?  For instance, my brother (Jon Hermansen) has a very
rare disease called Langerhans Cell Histiocytosis.  It is also better
known as LCH.  It can be identified as causing such further diseases
as Diabetes Insipidus, which is also uncommon (not sugar diabetes).
Have you heard of these diseases before?  Let me educate you…

General Information:
http://en.wikipedia.org/wiki/Langerhans_cell_histiocytosis
http://en.wikipedia.org/wiki/Diabetes_insipidus

Seven Part Video Series:
http://youtube.com/watch?v=KkBRqZS8nfM
http://youtube.com/watch?v=w1h6ZjxF-To
http://youtube.com/watch?v=0ojbJpERlt8
http://youtube.com/watch?v=dzUqdYofMCQ
http://youtube.com/watch?v=lNhzwNYhi0M
http://youtube.com/watch?v=nY9DDEhShcE
http://youtube.com/watch?v=5_8SEYyEZGI

And even worse than this, a friend of mine who is a PhD student in
Math at Berkeley has an even rarer disease known as Gaucher's Disease.
 This costs $550,000 / year to treat.  That's a hefty bill every year
(you make that much doing security vulns?), and some insurance
companies might refuse to accept you due to "pre-existing" conditions.
 So guess what, my friend does not have health insurance and has not
been treated for two years.  A genius might die.  That's ludicrous.

http://en.wikipedia.org/wiki/Gaucher's_disease
http://youtube.com/watch?v=0nX6QM5iVaU

If we consider ourselves decent "hackers", why don't we put our
efforts toward helping cure this and other diseases rather than some
very simple programming vulnerability?  Is it because then we would
have to reinvent a whole new slew of tools and re-orient/re-educate
ourselves to be successful?  Think about it…
-- 
Kristian Erik Hermansen

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ