lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Wed, 2 Jan 2008 00:56:33 -0700
From: "Andre Gironda" <andreg@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: [Professional IT Security Providers -
	Exposed] QuietMove ( F + )

On Jan 2, 2008 12:17 AM, secreview <secreview@...hmail.com> wrote:
> Regardless, Adam did react to our website comments, and his reaction was as
> follows, verbatim:

Secreview is clearly anything less than professional. I would say this
is a repeat of "InfoSecSellout" if not the exact same people.

> In a Different email Andre lost all credibility with us because he decided
> to directly attack other companies that we've reviewed that received higher
> grades. If you compare the score cards between QuietMove and the other
> company that Andre bashes, you'll see why they got the good grade. Anyway,
> here's what Andre had to say (we'll comment later):

If I know something bad about a company that you gave a good grade to,
I feel the need to bash that company based on your reputation alone.

In other words, since you can't be trusted; I feel the need to offset
any good things you've said by adding my own commentary.

Every security consulting company is unique (have their own unique
good/bad points).  Many are small and as I said before, "fighting just
to stay in business".  If you are going to give poor reviews, I
suggest you write them up and keep them to yourself instead of
publishing them.

For one of the companies that I worked for in the past, we had a
special way of analyzing new products/services.  In our assessments,
we would gather up all of the good points of the best vendors --
instead of focusing on the bad points of vendors that failed our
criteria.

It takes a special kind of asshole to do what you do.  I also believe
that you know this, and only by hiding behind anonymity are you
willing to continue to do what it is that you do.

As far as losing credibility with you, I'm clearly fine with that...
I'll be getting plenty of free beer from others who dislike you.
Maybe your nepotism will pay off with the companies you give good
grades to.  Maybe you'll win a Nobel Prize for your amazing
methodology of rating security consulting companies by their websites,
as well as the scientific method (i.e. using Google to search
mailing-lists for people's names).

Cheers,
Andre

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ