lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <4734AC06.3070809@gmail.com>
Date: Fri, 09 Nov 2007 11:50:46 -0700
From: don bailey <don.bailey@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Why I hate you (and a philanthropic challenge!)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Dear jackasses,

	I really think you should stop saying you have "zero day"
to sell on Full Disclosure. Mostly because no-one really gives a
shit. Also, no-one is really interested in paying for your horrible
code. It looks worse than initd.sh. Seriously. My code sucks, but
yours is far worse. Please stop wasting our time caring what you
think.

	On to my idea!

	I think the next 7 (I'm being very optimistic here) zero
day bugs should be "bought" by people giving money to charity
organizations! We don't see enough selflessness in computer
security, so stop being a dick: help save stuff that's important.

	So, here's how it should work. Post your zero day up
on full disclosure. Yes, actually disclose it. Post what
charity you are releasing the zero day for. Then, we as a
public, will PayPal that charity (no, it can't be the Save
SnoSoft and Netragard Fund) some monies. Wouldn't that be
nice? We can help the EFF, battle illegal pornography or
even support your favorite politician! Doesn't sound bad,
does it?

I will personally promise to donate up to 300$ (total, I'm not
rich) to said charities assuming that they are legal and such.

NOW GET TO WORK AND DROP SOME ZERO DAY
NO, XSS DOES NOT COUNT

Donb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHNKwDyWX0NBMJYAcRAjKAAJ0TGa4nMIKxkzn0L8abxrr6hrrueQCfUkti
hul0/vIOYofT4TGBMxtBJ3o=
=T42x
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ